URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Submission: On December 27 via manual from US — Scanned from DE

Summary

This website contacted 94 IPs in 15 countries across 88 domains to perform 481 HTTP transactions. The main IP is 91.209.70.182, which is located in Belize and belongs to VEESP-AS, RU. The main domain is megaup.net. The Cisco Umbrella rank of the primary domain is 187143.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 17th 2022. Valid for: a year.
This is the only time megaup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
Apex Domain
Subdomains
Transfer
Domain Requested by
Subject Issuer Validity Valid

This page contains 84 frames:

Primary Page: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Frame ID: 480B5CF50A1BC56FE2A63E5FA5AEA7A4
Requests: 118 HTTP requests in this frame


Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: B21A0DC86CF9B9A46608A11005AB0609
Requests: 12 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 58D8E89461CF1728DFE13354FD062B5C
Requests: 1 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 9FCE3D5034FAE012DAF21499B9D1682A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: B494031FAE3D402A820F6999F7711E5C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 7726BAE9D6FDE168ABEE651CB70017BA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
Frame ID: 0D3C3D9641D1A8C83370CEA0AD9C5FC2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y6poEAAADupgXwAe&gdpr=0&gdpr_consent=&_test=Y6poEAAADupgXwAe
Frame ID: 4A6855995E29BD5CA4C33397C6E7E2B8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lOGU4ZjIxYS0wZmJiLTQyZmQtYTI2OC1hMmIzNTY4ZTFjMDY=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: 1456750770E2D986B4B6974751806848
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=2333851858879476649brt57551672112144179426f1
Frame ID: B7F7817730EE564492C233EC5546AE4D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y6poEMCo8XwAAJ8uVtMAAAAA
Frame ID: 3C92E2214666F68CC76D0D35D69675D2
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: B02431F35A460D2A29DC69B0AA50DE87
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y6poDyGUNL2XKEokSTonbgAA%265163
Frame ID: 3AD9D259EE120492D2B30EE00C4C9DCA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=jfXy0pC0QXzLOgAhDYtN&pi=gumgum&tc=1
Frame ID: 80AEB2E499AF37DB78E97777A2169235
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 6E6F436D550E88556AF6CAE3C65F5ABB
Requests: 4 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: E0A5491CC29B5C93641DB2A64DF6F092
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D32CEC3B0A49DA2034826946F2B08E0C
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E229A92A34CE110261F45ADF1F424DC2
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4487FFC88992D4500EBD113194EF89A9
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 1062FB63E41A44E8CFA549F331A6F39E
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 3E0726A6D93023514A4B3D40B070AEAF
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: BCD0CE173CE512A7004E572FF5C5EAC9
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: BB502AAF6F9EE4AE35A70B0F2B760295
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: ADBD36B53E19030CA15A06A3AABA0F4B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 01F2C6F02D90777D08847AAC21674F3D
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 9676092A126DF166588427E0742B7B41
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
Frame ID: 545EE0270BFB53011929DB040830AF8B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3588404895278553693
Frame ID: 855CD98492A498263AB4285BA6748EFD
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C4A5FD2CE29726A25A214B09AEDB0847
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 2FF06810A2F5216F802024C9B2CE66E9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2333851858879476649&gdpr=0&gdpr_consent=
Frame ID: 919A271020140D4B8E03F7BAA0C1E327
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1
Frame ID: 763F810F1556FEDA4FE6464D2C6FA747
Requests: 1 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 645C167387735A38A8D058C13B71B0D8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 361F97D4DAFEF264AEFD680C7A401DB1
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 65A4E202E5B19CE75D4618D8D15A4D70
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
Frame ID: BE891A0593C520998FB9261E6CCE1148
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y6poEAAAAWRF9QAo&gdpr=0&gdpr_consent=
Frame ID: EBDA927AC70719AD067EC1F7D698E8B2
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lOGU4ZjIxYS0wZmJiLTQyZmQtYTI2OC1hMmIzNTY4ZTFjMDY=&gdpr=0&gdpr_consent=
Frame ID: 0152C061D5179D255CF41F8C8D4BBDD4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=2333851858879476649brt57551672112144179426f1
Frame ID: 5F0311E7D32A809C4EE91348842CCA44
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y6poEMCo8YoAAEgzKjcAAAAA
Frame ID: 0EF0848BCA4838624C8B3992C727E8D8
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: A36178E7CB47965A3417A40C0D76DE15
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y6poDyGUNL2XKEokSTonbgAA%265163
Frame ID: F4D303FCFFF29B9E79CC73190FB3045D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=jfXy0pC0QXzLOgAhDYtN&pi=gumgum
Frame ID: 8100239B5EECB74558845FE5EAC7C66F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 14FABFEE939BBE7EFEF2D8EA48108891
Requests: 3 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/cms-2c-rubicon.html
Frame ID: 012C0A237B1CBD8A64C7C701CD4383FA
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Transformers.Fall.of.Cybertron.MULTi6-PLAZA.part1.rar - MegaUp

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

  • Requests: 481
  • HTTPS: 82 %
  • IPv6: 15 %
  • Domains: 88
  • Subdomains: 134
  • IPs: 94
  • Countries: 15
  • Transfer: 4321 kB
  • Size: 8752 kB
  • Cookies: 108

Redirected requests

There were HTTP redirect chains for the following requests:

  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MDNlYjZmM2UzM2E2MmMzYyZ1aWQ9dWEtZjdkYjQ2NGEtZDcxNS0zZjE5LTliYTgtYTI3OWFlYTA2NjM5MgIGDDgB%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MDNlYjZmM2UzM2E2MmMzYyZ1aWQ9dWEtZjdkYjQ2NGEtZDcxNS0zZjE5LTliYTgtYTI3OWFlYTA2NjM5MgIGDDgB&buyeruid=971b236d-6a95-482e-b81b-70e36da3941a&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-f7db464a-d715-3f19-9ba8-a279aea06639&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MDNlYjZmM2UzM2E2MmMzYyZ1aWQ9dWEtZjdkYjQ2NGEtZDcxNS0zZjE5LTliYTgtYTI3OWFlYTA2NjM5MgIGDDgC
Request Chain 391
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6321214481
Request Chain 394
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkyAgYOOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkyAgYOOAE=&buyeruid=add587ff-9bd5-4faf-80f3-9a1391496188&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkyAgYOOAI=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ssp.disqus.com/match?bidder=14&buyeruid=2333851858879476649&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkyAgYOOAI=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-f7db464a-d715-3f19-9ba8-a279aea06639
Request Chain 395
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 398
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2333851858879476649
Request Chain 399
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=F4k3pRZHzNfaBJMXTTyu77vy
Request Chain 401
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5141210822894969272
Request Chain 402
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=987c6a9f-e428-4bea-80bd-90f038f45e1a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 403
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
Request Chain 404
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
Request Chain 408
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=1f7f877bd1&gdpr=0&gdpr_consent=
Request Chain 410
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y6poEAAAAWRF9QAo&gdpr=0&gdpr_consent=
Request Chain 411
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=61734a39-fbda-403a-8340-82169cdc743a&bidswitch_ssp_id=smartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=724870660876&expires=30&user_group=1&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=61734a39-fbda-403a-8340-82169cdc743a&gdpr=&gdpr_consent=
Request Chain 412
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
Request Chain 413
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3588404895278553693
Request Chain 415
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 416
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2333851858879476649&gdpr=0&gdpr_consent=
Request Chain 418
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KDETycLPS5Cx_BKusuuBwQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 421
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1917801438 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1
Request Chain 422
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjgzMTEzQzktQzJDRi00QjkwLUIxRkMtMTJBRUIyRUI4MUMx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFDu1jbu_bZ6cn5AF88u1tE&google_cver=1
Request Chain 426
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7946301243496629626
Request Chain 427
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=377c63aa-680c-4501-a5a9-b7f2240d91e0
Request Chain 428
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB
Request Chain 430
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3749402954534979672
Request Chain 431
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687836944&external_user_id=6381f043-8a37-4534-936a-a03672bde37a
Request Chain 432
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 433
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1672198544
Request Chain 434
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6poDyGUNL2XKEokSTonbgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJohwTNmlvegmTYrENc_3X4&google_cver=1
Request Chain 436
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2333851858879476649
Request Chain 437
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=61734a39-fbda-403a-8340-82169cdc743a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=56e313df-896b-4eff-9a6d-ed412f577341&expires=1&user_group=2&ssp=gumgum2&bsw_param=61734a39-fbda-403a-8340-82169cdc743a HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=61734a39-fbda-403a-8340-82169cdc743a
Request Chain 438
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0d049cc0-c5f1-4a8b-6420-153ffce26c7a$ip$80.255.7.106
Request Chain 439
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=KA0Gi-ko-RXaKcRoS8Q-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2S2BGBDWSLLLN4WVEWDBJNRVE32THBIS2JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2S2BGBDWSLLLN4WVEWDBJNRVE32THBIS2JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=KA0Gi-ko-RXaKcRoS8Q-&us_privacy=1---
Request Chain 440
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5826440257
Request Chain 441
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=uqLIIu047ssC&ev=1&pid=558355
Request Chain 442
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Mn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Mn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&obuid=ENC(Mn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DMn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING%26us_privacy%3D$CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=Mn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 443
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=cea1c563-b59d-4ca6-b58f-c6ee4133ae87
Request Chain 444
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-8RtOE35E2pevcc..XtoQa0i.DDd0ioGLxoPO~A
Request Chain 445
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=42ab4df3-6995-41cc-891e-f6cb2cf2fead
Request Chain 448
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=3bca3c9f-68c9-4ad8-aee4-060840cc0ae4
Request Chain 449
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6173532661063726968
Request Chain 451
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 454
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
Request Chain 455
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y6poEAAAAWRF9QAo&gdpr=0&gdpr_consent=
Request Chain 457
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=2333851858879476649brt57551672112144179426f1
Request Chain 458
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y6poEMCo8YoAAEgzKjcAAAAA
Request Chain 460
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y6poDyGUNL2XKEokSTonbgAA%265163
Request Chain 461
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=jfXy0pC0QXzLOgAhDYtN&pi=gumgum
Request Chain 462
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 471
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ntES6CgvTKqo7xOJxUNyIw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ntES6CgvTKqo7xOJxUNyIw
Request Chain 473
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Request Chain 475
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=S2X7ICH9g7MH&ev=1&pid=560687
Request Chain 476
  • https://rbp.mxptint.net/sn.ashx HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1D530_FB885602_8C62AC6&expires=60
Request Chain 481
  • https://pm.w55c.net/pingmatch.gif HTTP 302
  • https://pm.w55c.net/pingmatch.gif?scc=1
Request Chain 483
  • https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QVRTN2JDMDcxUGEwS0k1&google_cm HTTP 302
  • https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEOOe1a7CVjhD433GneoNKFQ&google_cver=1

481 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 1JFsg
megaup.net/
142 KB
53 KB
Document
General
Full URL
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
722f6f4487e53564914419c76f881d7bac8481a460892d614f271d1bb8375447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 03:35:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer, strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
socialsider-v1.0.css
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/
35 KB
4 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f5af895f7beb65666327d0629ed30cebe00dddebabbe9d25be29106234e827a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-8d4b"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
All-stylesheets.css
megaup.net/themes/flow/frontend_assets/css/
339 B
432 B
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
35e93b818dff2f3ac20ce42e50d2a6eb9e7412605421decaa95ca9bf604a9dbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-153"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
custom.css
megaup.net/themes/flow/frontend_assets/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/css/custom.css
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cb11ef787fc18b87a0420239ee788379f6218b79ac81fa012ecad676ae1cb144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-3577"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
flow.css
megaup.net/themes/flow/frontend_assets/css/colors/
3 KB
874 B
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/css/colors/flow.css
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
91e4749e45a517ca4168cf9573eef0ee72fa93a9b7b96892844e9935afc832af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-a83"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
responsive.css
megaup.net/themes/flow/frontend_assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/css/responsive.css
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
244c04a213bdb0e13f0d9fa71af6760886ad9d533f80c1f60e21f632096f5e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-e56"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
entypo.css
megaup.net/themes/flow/styles/font-icons/entypo/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
58820cb68dfc11a83c4b797fcef209dcd1352239db0c29e001ce72f29d669211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-45f5"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
file-upload.css
megaup.net/themes/flow/styles/
8 KB
2 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/styles/file-upload.css
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
b6264c4c05c786e5215a5fa9feb5a99a81c924bc26b3e962eeff230750a2d134
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-21ec"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
jquery-1.11.0.min.js
megaup.net/themes/flow/js/
94 KB
34 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/jquery-1.11.0.min.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-1787d"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery-ui.js
megaup.net/themes/flow/js/
426 KB
106 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/jquery-ui.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-6a684"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.dataTables.min.js
megaup.net/themes/flow/js/
68 KB
20 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/jquery.dataTables.min.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-10fe4"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.tmpl.min.js
megaup.net/themes/flow/js/
971 B
824 B
Script
General
Full URL
https://megaup.net/themes/flow/js/jquery.tmpl.min.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9509c1e67bedbaded059d0aa8d5cee65cee3c9e3f43a5952a7a233cbc10810ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-3cb"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
load-image.min.js
megaup.net/themes/flow/js/
2 KB
1 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/load-image.min.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
b49885ee9e161e5595dfe428642255234d8d557c85699bb8bba72499717498c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-9f2"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
canvas-to-blob.min.js
megaup.net/themes/flow/js/
1 KB
792 B
Script
General
Full URL
https://megaup.net/themes/flow/js/canvas-to-blob.min.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
233a048b5eab2ecc75e2f72bf9a65de6ac06e697746156ade5b144305d76ca3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-408"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.iframe-transport.js
megaup.net/themes/flow/js/
9 KB
3 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/jquery.iframe-transport.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4f3f67c68965b4076cc7bc531f648c3a15aa30c1b9cede0486afd4eb4353f8c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-2427"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.fileupload.js
megaup.net/themes/flow/js/
55 KB
12 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/jquery.fileupload.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f809de94a782db6c7c5bc85db8bc8f6b05b1a473f736080b3ea8377fd6ed35cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-dbd4"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.fileupload-process.js
megaup.net/themes/flow/js/
5 KB
2 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/jquery.fileupload-process.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f6626568ee243b737cdfc12efc464eb97d786bdcce590a0326427e11f360293f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-14b6"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.fileupload-resize.js
megaup.net/themes/flow/js/
8 KB
2 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/jquery.fileupload-resize.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
2d6f1126fbf381ae50f1264f82d5d2c55c400067557abf21387ab4c72af624cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-1f7f"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.fileupload-validate.js
megaup.net/themes/flow/js/
4 KB
2 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/jquery.fileupload-validate.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
217bffe44b964e10fe120949b9a143b665a8c03a57ab348713de7d8b2878345e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-fea"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.fileupload-ui.js
megaup.net/themes/flow/js/
24 KB
5 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/jquery.fileupload-ui.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
5d4a5378ed9f8bf68dbfb6246761e6d44e2b11fa626d8b4f8d1d6a779f037cd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-61ef"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
ZeroClipboard.js
megaup.net/themes/flow/js/zeroClipboard/
15 KB
4 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c7fe89a030ea54a29616f0a473366e07d109dfb775f2afa050c2de82e3606fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-3bd2"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
global.js
megaup.net/themes/flow/js/
3 KB
1 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/global.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ef8a1ff709899584c91496da397de0b0fcab774e3b6d258ccca9997e592e84d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-d59"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
main_logo_inverted.png
megaup.net/themes/flow/images/
7 KB
7 KB
Image
General
Full URL
https://megaup.net/themes/flow/images/main_logo_inverted.png
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
"60758f34-1be1"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
7137
x-xss-protection
1; mode=block
/
dmmzkfd82wayn.cloudfront.net/
604 KB
186 KB
Script
General
Full URL
https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1600:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
606293f512eec7560d4e1bef7c05c712ea8bba610f50297d9c71306dcedaf0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:38 GMT
content-encoding
gzip
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
190225
x-amz-cf-id
RY-_BCPyi3HCjyCRY-BDiIk6PrxQxegykesfJXoSiaazK6xR2bGIrw==
18410
altowriestwispy.com/tysaSHG1FMaM/
0
0
Script
General
Full URL
https://altowriestwispy.com/tysaSHG1FMaM/18410
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.6.247 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

32575
keydawnawe.com/gwZ1U5hjA8ii/
0
0
Script
General
Full URL
https://keydawnawe.com/gwZ1U5hjA8ii/32575
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.87.55 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

loading_small.gif
megaup.net/themes/flow/images/
180 KB
180 KB
Image
General
Full URL
https://megaup.net/themes/flow/images/loading_small.gif
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
"60758f34-2d023"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
content-length
184355
x-xss-protection
1; mode=block
sw.js
megaup.net/
101 KB
39 KB
Script
General
Full URL
https://megaup.net/sw.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
db3608f955dd3404bc375f0a0a7a5c8e23515e7ad1a0b9078c246e92e4050734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 20 Dec 2022 16:15:31 GMT
server
nginx
etag
W/"63a1dfa3-1927c"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
bootstrap.min.js
megaup.net/themes/flow/frontend_assets/js/bootstrap/
28 KB
8 KB
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-71b6"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.appear.js
megaup.net/themes/flow/frontend_assets/js/animation/
1 KB
985 B
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
fa77538239ff2758ff9fa8ef646cad3e9ca818dd13fbf15ff3ca8a8bee173c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-5c6"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.themepunch.plugins.min.js
megaup.net/themes/flow/frontend_assets/rs-plugin/js/
83 KB
29 KB
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ebf4e570b96d611fa540bb8745ba518a1005d50c4589a2c2cf3a60a97151a184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-14cc1"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.themepunch.revolution.js
megaup.net/themes/flow/frontend_assets/rs-plugin/js/
193 KB
39 KB
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
d72616e59f2ba832c54a0e734cdf0a79cb8730f81a07b5de43864c15a240e221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-303b2"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.scrollTo.js
megaup.net/themes/flow/frontend_assets/js/nav/
2 KB
1 KB
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
afff7cdd8f6f0ca43b26573840f5ec5d3302dc1fc2b2209a1163e3978c9d012c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-981"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.nav.js
megaup.net/themes/flow/frontend_assets/js/nav/
5 KB
2 KB
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
10815e9b5addf60315886f7216b0530fd58fa8580ca6a81687f14ffee517c619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-1547"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.sticky.js
megaup.net/themes/flow/frontend_assets/js/sticky/
4 KB
2 KB
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9c9f251d98edd1208a6c45aee90ff4011ed964e87e8bb622ae7a45249f1dae43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-1099"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.isotope.min.js
megaup.net/themes/flow/frontend_assets/js/isotope/
16 KB
5 KB
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
743b919a337dfbb6d1e8648d0793532d47f8af48059e17f7e32ae8738c7614a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-3ead"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
custom-isotope.js
megaup.net/themes/flow/frontend_assets/js/isotope/
2 KB
927 B
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9930043ffb4753c135a12f6be97e24ef56fdfd5aaf1af6a204d99937a7ba8ef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-71d"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
retina.js
megaup.net/themes/flow/frontend_assets/js/retina/
1 KB
923 B
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/retina/retina.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4b75d94f66a12f86bb0c238861680cc589c4463ba29be6889ed6dbeb5594aa19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-52e"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
SmoothScroll.js
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/
7 KB
3 KB
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
8fa669071ed5fb03e9954ba360885e7ba95fb77ae5448dfc313c3c01202b46aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-1cdf"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
custom.js
megaup.net/themes/flow/frontend_assets/js/custom/
5 KB
2 KB
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/custom/custom.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a72e6ce7c10983fcd6773f0db77f049b7a85039d3e7212a12ad56fbb8d70a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-1420"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
gauge.min.js
megaup.net/themes/flow/frontend_assets/js/
17 KB
5 KB
Script
General
Full URL
https://megaup.net/themes/flow/frontend_assets/js/gauge.min.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
2d9574ce1b6890bd6ccf1ef3d04fe1328f35c5bbced7b6b331459119ef4fe480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-45b8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
clipboard.min.js
megaup.net/themes/flow/js/clipboardjs/
9 KB
3 KB
Script
General
Full URL
https://megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
404b016f5c9a369726eec56a280c93478da17a52ed0f1fee116838330772ec70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-2296"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-108868042-1
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dbf7ff3645c160259d28b0000ae73073d321615471950cdda639faf02d4970ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43630
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Dec 2022 03:35:37 GMT
fonts.css
megaup.net/themes/flow/frontend_assets/css/
2 KB
545 B
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
61a41176d3175622252d5c00b2bab632e4b35d8828380dc4c72dd5efe3a53d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-690"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
settings.css
megaup.net/themes/flow/frontend_assets/rs-plugin/css/
52 KB
8 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
aed2be655d20468968674662b26c808a995b7288e82168ada025531738e766ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-ce4b"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
bootstrap.min.css
megaup.net/themes/flow/frontend_assets/css/bootstrap/
115 KB
19 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
69c6352bd7a8de550563a81b40dab2234fa30ff0ae9e90a8b5c896dea033ca3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-1cc1b"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
stylesheet.css
megaup.net/themes/flow/frontend_assets/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/css/stylesheet.css
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
3b35d09fae892be2b76a67f47bbbcbe289b05a2850e02295f70f9c2e537d927a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-6c82"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
animate.min.css
megaup.net/themes/flow/frontend_assets/css/animations/
47 KB
4 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9b36949876f75f2961b55a066b1f9695ec8c3772771d700e951736b1fba45cbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-bc86"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
font-awesome.css
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
7c10acbcb15a2f181df3ad0d009a44f892e406bbfc8f94df12f8a47a71b696e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-59d6"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
isotope-style.css
megaup.net/themes/flow/frontend_assets/css/isotope/
3 KB
1 KB
Stylesheet
General
Full URL
https://megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
31ca2164134c089fcedd15176160feea7b4369b404e9c8fd7b410292b9233550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
W/"60758f34-af3"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
raleway_semibold.woff
megaup.net/themes/flow/frontend_assets/fonts/
31 KB
32 KB
Font
General
Full URL
https://megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Origin
https://megaup.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
"60758f34-7cec"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
accept-ranges
bytes
content-length
31980
x-xss-protection
1; mode=block
socicon-webfont.woff
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/
20 KB
21 KB
Font
General
Full URL
https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Origin
https://megaup.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
"60758f34-51ec"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
accept-ranges
bytes
content-length
20972
x-xss-protection
1; mode=block
raleway_extrabold.woff
megaup.net/themes/flow/frontend_assets/fonts/
31 KB
31 KB
Font
General
Full URL
https://megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Origin
https://megaup.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
"60758f34-7a70"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
accept-ranges
bytes
content-length
31344
x-xss-protection
1; mode=block
raleway.woff
megaup.net/themes/flow/frontend_assets/fonts/
31 KB
31 KB
Font
General
Full URL
https://megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Origin
https://megaup.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
"60758f34-7c5c"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
accept-ranges
bytes
content-length
31836
x-xss-protection
1; mode=block
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2893
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 27 Dec 2022 02:47:25 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://megaup.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wC2DedBqZISz6K6pZlyCz8pSNiIuJQgU2sg4cG2hTVkqChaHnUwBwVq6pEi2qDMBdV1oC7ws9LDkdAUUvwnmnYfqyyIaervaP6%2B1Pql%2BRM9%2BJkghQhBo1yfYH1B%2F%2BZOb"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
77ff01e03bda9070-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
27 B
352 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57fa38df85924bcee6caf79238843625c26f22dfd1965f4c23907c1be2a733c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jz1we70Q%2B%2B4aCmTYVVxMt1aH%2FP6Mhd1b6thwdFGhHD1ZAvv5Y0ATCZvf9KbZwv4BhO9sEyY6NmyHsci8OKbYwGpaYtn6I0wGI%2BeVzRm3mMToScEbtZ8wlpTEShTA1rv%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://megaup.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
77ff01e03bdc9070-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
himhedrankslo.xyz/
0
487 B
XHR
General
Full URL
https://himhedrankslo.xyz/utx?cb=JT27USY11nB5&top=megaup.net&tid=761186
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:38 GMT
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://megaup.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
EGgyXTRESBUTh_SuOUn8j64OfkkJuDPWBySHBktYk0cH5LFBoBUyUw==
OxwOIA
himhedrankslo.xyz/bHVVc08NFzYecA1IN1U6HhloVn0qUGc1KwEYLxgpCE1nBC4VG3sQIwMAMRU9AxshXSEJAXBBCRkWLyV5Og8YIhgEJC03DggWHR4gKScEIQMOAgMlFxseYSseITwWIn4+PzsYHTYtZDcaXAYxKx0URRsdCSQ2AzUHNg0AFRkuJCI3IzokEzc... Frame D52F
3 KB
2 KB
Document
General
Full URL
https://himhedrankslo.xyz/bHVVc08NFzYecA1IN1U6HhloVn0qUGc1KwEYLxgpCE1nBC4VG3sQIwMAMRU9AxshXSEJAXBBCRkWLyV5Og8YIhgEJC03DggWHR4gKScEIQMOAgMlFxseYSseITwWIn4+PzsYHTYtZDcaXAYxKx0URRsdCSQ2AzUHNg0AFRkuJCI3IzokEzceIyQ9Pi0hRBM8DjoCPyI3FBAHCScPMhM+AiIzDCIaCwEtISclPBMJJyYyORgYIh0PMSxcTGAyfjU9Bh12KTI5ACojMAQyCikdOyseDyQGNCwvJC0HBA8SFAsKKR07IQ0cFwE0AjskHRcpNiQYPw5cWGBWfS4zPjYJKwwxNwddNBs+IyksDTJ6FTQBJg4/IhQXHi07MykeIhcNGwYGLT1LHj83BCQePSACIyMLIhA2JwIjFykYKSEyEhkLER49CR83AhssFTM+NTU/RzY/Fz0jACooLjIRNR0BNAAQHj8yMTIKADg3ORkcIhcJNwU0ECItPyIQJQ0LHRlVJR8aOwNyHy83JgMHRxtDKV0/OxwOIA
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
be944eb597206d7b5c221e68e6bdd2c15392df2a66a900b43d310a6fbef682c6

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1242
content-type
text/html
date
Tue, 27 Dec 2022 03:35:38 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
x-amz-cf-id
XVuruIPN25qDTC5bUNmE3AgrhVkETwlCqcaf10FOdDCKNFfdoubF2w==
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2893
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 27 Dec 2022 02:47:25 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://megaup.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsBp3AHZC7q0520tz54cVv%2FILVGOWWaeXBtHBKTlVvXc1dCQZVxSxu7yp8ur6u5OnWkBXxqMwRO2Hd3vDwzfJ3yV9m4LZqOqp%2B2P%2FI7uAa%2BtY9ygdPk%2FTok%2F75GozJ3O"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
77ff01e03be19070-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
27 B
348 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
720ecc6fb7452540b02bd809b05091398936652e79a37277824978b6c80d3f6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWCgpNDBHWDtzSe%2FxP8EOdb9KrRwLTbtWxDje5808micHw4m49OOg5MsdWGE6B0acYWfYu7yRYiKKZ3l3ZpVNmNKb8%2BdVsYqen0FnJSos3JvHeHWc5PaF39i8dg2wYXZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://megaup.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
77ff01e03be29070-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
himhedrankslo.xyz/
0
485 B
XHR
General
Full URL
https://himhedrankslo.xyz/utx?cb=TyR8ojYah8eg&top=megaup.net&tid=825911
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:38 GMT
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://megaup.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
pAbt76oFNDKv_wXFB3VfmQ00_eQAG1_Goa7lMNNBM_rPvCsQz5Tmtw==
Z0NUS0wGITcmcwZ+Nm05FS9pbn4hZmYNKAouLiAqA3tmPC0eLXooIAg2MC0+CC0gZSICN3F5ClINESMIKBsaEwYecjIfCSYrHjweKwE6enokBh0YBQ0BAwMZNXISDXQWJhYsLQEHBjwHHQ4yCXxTMDIsIDEUFyA4PyhgGAA0cjUfKzE2HSd8NQAMMyAzEhopBVR2G...
himhedrankslo.xyz/ Frame 3050
3 KB
2 KB
Document
General
Full URL
https://himhedrankslo.xyz/Z0NUS0wGITcmcwZ+Nm05FS9pbn4hZmYNKAouLiAqA3tmPC0eLXooIAg2MC0+CC0gZSICN3F5ClINESMIKBsaEwYecjIfCSYrHjweKwE6enokBh0YBQ0BAwMZNXISDXQWJhYsLQEHBjwHHQ4yCXxTMDIsIDEUFyA4PyhgGAA0cjUfKzE2HSd8NQAMMyAzEhopBVR2GQMaJjceHQ0DFgczIDMBHQEGNDsQDCAAKB0jNCUgOno4JBUNDCkgNxsMIAgwGA54JgYMOzYxNDcZKQkOHRo0F3cOLCMfBgw7NjMrJCoqCSA3GgQ9NzcaJysCOjM9LwYRDgczbhoBBFYGcXkKLS8nEhQzOzkINjIBMXgdPxIVATgEEjgpFB4CZx0OXxExLA0EEgUaJywvHRwJPzMuEyQ9Gx0yOzYVMxF4LgURCRseFjkDCSE6MRMBJRsFGSEDJCQMCDAZLQh8BBExJQIsBjgCPCoVFhwOAHZmCCc2IjF4GQEBMyd5QSknJCIXfgMtFSsTDQ4LIyAk
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
1ea92d588ed713028e1149276e5b5f7689b25a1d91c595b471e0de3fb8cb1f8b

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1232
content-type
text/html
date
Tue, 27 Dec 2022 03:35:38 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
x-amz-cf-id
vYSrQjWdKr6VM6-VCxqama5II-Gw2WExCTF7XrXgHD_XY9odXfYJGg==
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2893
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 27 Dec 2022 02:47:25 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://megaup.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VezkuAmKWUz60DmUqtgl%2BLRLFRtkUyb5XdYAiogGfFTb%2FcA3GPV0b8VxIk6cWy8WRcqCUDYnLN%2FO98RYpT9KEKRjwGsCIameAqoK2iX0FJnom0VoRQo5T%2B9E2a%2FdPMEn"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
77ff01e03be09070-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
26 B
351 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1279b2bdd3e73ae26c278e92a532d6540377a518dbe81df0cbba41aa585f5cd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZQ9cnysK1jAWs%2FSQMtzjPqyITjSaCC95F%2BDsYjGFBHRB%2BGWTBaLU9t4tvWb4oKb8i2Em5aXMrUXtTpCRXDbupcPVWxumusO3ljpTbRULrzl2pmvJvN9hj8tx1xSEmU6"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://megaup.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
77ff01e03be39070-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
himhedrankslo.xyz/
0
484 B
XHR
General
Full URL
https://himhedrankslo.xyz/utx?cb=z3dPJrUu5nj4&top=megaup.net&tid=876318
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:38 GMT
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://megaup.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
Ra248Kgg6GTtsCz90BuzmyjO2iJMLlrU2Ciw4PlmH23MEC9HufAJFg==
Q0tGMWIiKSVcXSJ2JBcXMSd7FFAFbnR3Bi4mPFoEJ3N0RgM6JWhSDiw+IlcQLCUyHwwmP2MDJAkSdHwVJxwhcCYFfxJnGiAAEHQKEh0AZCYRDQR3IRYGJ3MKDS4TVi8FDhJjAAl6NUYtFgIIYQ4KJiUALyAMF1IsER5yYSMvfxVnNxYMHlk4FR4tZzAGGjZUNDsSB...
himhedrankslo.xyz/ Frame AF20
3 KB
2 KB
Document
General
Full URL
https://himhedrankslo.xyz/Q0tGMWIiKSVcXSJ2JBcXMSd7FFAFbnR3Bi4mPFoEJ3N0RgM6JWhSDiw+IlcQLCUyHwwmP2MDJAkSdHwVJxwhcCYFfxJnGiAAEHQKEh0AZCYRDQR3IRYGJ3MKDS4TVi8FDhJjAAl6NUYtFgIIYQ4KJiUALyAMF1IsER5yYSMvfxVnNxYMHlk4FR4tZzAGGjZUNDsSBHYjNAICYw0LCAdnJQUsdnAgBg0SeTMJLh5jDRAIIQgBBQ53YygSHSRmJxkZB3dSJQghADcEI35gMCQBAHMKJwwHWjQZHnYBIxYNNVkwJAEAeRUsBQRaJA0eBXQ0EXohUzQSZhRSNhUNEmQzFhICRjgLDgdeKwAgFGA1Kh0RcFIJDBN3NxUZd1kuAA0hcyAScgFwCBkFE2csIAMHfCURLAx3JjQSB2YaMwkUXScCDSFwMAcNdmA2FQ4qcDcVGhJnLyYaAEU1FCNzdDUvLwFwCRYpB1Y0EQkxdyUWExxwNXIZCHBSDQQAXVYBbSxCDS07e1MULjkRWjBwGBxDGhV6A3I
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
206e84c47dae9d7e010bacf725273b665abdfe4ba6f129c1082c48e72c875fce

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1238
content-type
text/html
date
Tue, 27 Dec 2022 03:35:38 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
x-amz-cf-id
i5ddMBVS8fF4mUAMg_Hi3GuqqfeH1qgMOT_jXYq0YYo2xqNZLp-f1A==
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
NEEaCT8BcyU6Q3YANjoWBlMVWU8JYzYpQxxFMT0+OlUELSsweDooTwVkCTlOMmddDzYGagROSBVjHD0xGVg5LjkSBx8KPh1zJSNKYXUhXzIydRgqOzRRBSYoan8iWEMidwdbKxpYEz0rFXM8CkoRViQjS2NgJjEiN3oiKSxiaB8KPxJlMRIJZHMXEzI1SggtLD9kG...
himhedrankslo.xyz/a3pTMnAKGDBfTwpHMRQFGRZuF0ItX2F0FAYXKVkWD0JhRRESFH1RHAQPN1QCBBQnHB4ODnYANlIuBUIHMS0aRz45ThdqJAAAFXQYCR8EfDk+SwlAPSo3GHY0WhQYcx8cPCpFQi0APHk5EygXdBoIX2FwJD0sFnskGB8SXkkZKisGNzNJKwo... Frame 8B4E
3 KB
2 KB
Document
General
Full URL
https://himhedrankslo.xyz/...
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
51f2fa4ff65e76d8c45339f923852c58b4c9de645bba78fbedbfa095e59ab6c6

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1216
content-type
text/html
date
Tue, 27 Dec 2022 03:35:38 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
x-amz-cf-id
UIxHCuf1Sx0we4y4GchALtRyeJZ9BYZEylnbJ00VhGB76CaAbr0xHw==
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/
100 KB
101 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2893
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 27 Dec 2022 02:47:25 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://megaup.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DLeVf5PHPF0eox3VpAczXk3p%2FUvWlXszPmInnjWfHQ49ZkeOit%2BC9DO6Ig%2FOD%2B%2FNfeRZ3J6yAWNKyiJWkhG7GCDA6nhEFCg156f9XVcianCvHzhv35iuUiOXI%2BEb%2BBp"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
77ff01e03bdf9070-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
27 B
372 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4db5bdc9ade424c8af68bc735857909c9289a5efe54d1075399ff436c5bcae7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNNq%2BL3ZMB5mP7juQwcleIOSf%2F6Btnf%2BzGPbLgwbiPvA7GhBNgqsQ68tzjJkU7R7wfNQLpvmHlNNYYmSUWW2IBJ5tNvqWdKRMSIHmwRUrrRjKVYirGWAs%2BxvagQeOCkv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://megaup.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
77ff01e03bdd9070-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
himhedrankslo.xyz/
0
485 B
XHR
General
Full URL
https://himhedrankslo.xyz/utx?cb=esgoQ8nyqVpJ&top=megaup.net&tid=764141
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:38 GMT
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://megaup.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
xQbyW6RsnlJk7LrtizKcU-dVbf1UZmjJSMpqeoCpV-9qpy5NtDZ_1Q==
AgIdHycDFzEkCi1vGjxVDB4yCD0oMwIJJBNraAoKLSkaFjhTHhALCCBoEgE3DzZvH10xMhoWDh4bMQALBh0OISImMisfO1U0AAIJCgkfEBgGHQ4hJDUPNhw7CCAAMhkdAmocOAJoFgAOVW9tCwVJajUELhM9GwE8LBMbCyQ+GSh9NyIqbB1eXSMAdzchEzJ9NystG...
himhedrankslo.xyz/WEVtZFo5Jw4JZTl4D0IvKilQQWgeYF8iPjUoFw88PH1fEzshK0MHNjcwCQIoNysZSjQ9MUhWHDoWOwAuDigaFRUZCBoxIGhgXyYZDzEPAmgWJjQIay4VP1BvGS8BFQoffSk0Hi8CLCBibwldFzMeLFwVAgAELC8eMw4MVDUrCjxRKAASVVY... Frame E6E6
3 KB
2 KB
Document
General
Full URL
https://himhedrankslo.xyz/...
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
07b85311657c41cc021ef736108eb718a91438212a8ea136b5e2caa6e7381f15

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1234
content-type
text/html
date
Tue, 27 Dec 2022 03:35:38 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
x-amz-cf-id
Ob0FiMUWeYMCpTTUbi1bpMzlgDlye7pwPF2ev3SRodl-dILoBpHN5Q==
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
RUlDcmJqdiABXxQlESg7EA9yKFB8ESBBLC0rLzQYIXsVATd2KmUGCyF0dERTdHF1VBIsLX5DRDY9IgYXNnRyVAsrLyxPRDN0clxRcWdwQ0x3bzZPU2M9MxMFeHhlAhYxJX5DVHJ7ckNQdHp7Q1V2
othdgemanow.xyz/
0
254 B
Image
General
Full URL
https://othdgemanow.xyz/RUlDcmJqdiABXxQlESg7EA9yKFB8ESBBLC0rLzQYIXsVATd2KmUGCyF0dERTdHF1VBIsLX5DRDY9IgYXNnRyVAsrLyxPRDN0clxRcWdwQ0x3bzZPU2M9MxMFeHhlAhYxJX5DVHJ7ckNQdHp7Q1V2
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dv%2F6NSd0YENRmUg4VDW93ruX7kZCSDjBp%2ByyvCzoOx1dYKSAb%2B%2FKdFOFxfUdCt3Iu%2BNDRrUNG3J8NWe8M1njxAEUxo%2BxehkF%2FxudPRNhbFNGvFqMjFrBqJG9IFI7taqCeXs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
77ff01e0d9659b2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/v3/signin/identifier?dsh=S-519818465%3A1672112138380077&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignI...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-519818465%3A1672112138380077&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh5M5DI9dUFAhyiqY4Oimeo2nSnmEzWbCPWaa6AevSLL5ardOW8yUk1puJg135vBtRjeeOzoig
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Dec 2022 03:35:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-mRXjz0IkjVUsuLVXqKtP1A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
391
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-519818465%3A1672112138380077&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh5M5DI9dUFAhyiqY4Oimeo2nSnmEzWbCPWaa6AevSLL5ardOW8yUk1puJg135vBtRjeeOzoig
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/v3/signin/identifier?dsh=S-2097058172%3A1672112138415680&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWeb...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-2097058172%3A1672112138415680&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh5yFTfhDwyDnnVaXou2NMl9-Yf5hTwKrT7Hlvb3OyeG4a_xOaUxhV1NGTCg61JbvZIwkX8I2w
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Dec 2022 03:35:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-i2bEVEuAA-l-hAFWKH9IHw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-2097058172%3A1672112138415680&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh5yFTfhDwyDnnVaXou2NMl9-Yf5hTwKrT7Hlvb3OyeG4a_xOaUxhV1NGTCg61JbvZIwkX8I2w
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
XUNnXDoNFmtJeEIBIhs+EQFrS2wNHDAVd0IEa0pkXFxnT2RUVCNHe0IGJhstWUNwCj4QHmtLfFNAZ0t4VUFuSHpS
othdgemanow.xyz/ZHJWekpLTTUJdzFBOgsFPCQnKRxQPgc9CCgnMQIPPhkUHwsxN3AOIwBPbkh/
0
411 B
Image
General
Full URL
https://othdgemanow.xyz/ZHJWekpLTTUJdzFBOgsFPCQnKRxQPgc9CCgnMQIPPhkUHwsxN3AOIwBPbkh/XUNnXDoNFmtJeEIBIhs+EQFrS2wNHDAVd0IEa0pkXFxnT2RUVCNHe0IGJhstWUNwCj4QHmtLfFNAZ0t4VUFuSHpS
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yU%2Fbu8QN4CsCxQyMP1psKLsb%2FmSQ4NNPbtjEV3yKbNnu%2BI0%2B3CeXFX4c8RJ6mVNIIDb40FvQ5eYGtQ9P6uxhAoW3U43HDih2LbsCNIa%2FJwul6hJ%2BWs8ispYyReVElJQvAsg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
77ff01e0d9669b2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
djdhUFBZCAIjbRJwJGAEMWEvBQE0ElMSBTNTNRQYGmIwBjc3UycVdgJeBW1oRAJYYWFQRwg0bUUFRyMkF0MUI21EB1Fndh9ZBz9tRBEXbWBYD09hZVgHRyVtRxEVIDERClB2IAJDDW1hQABTYWFEBlJoYkYA
othdgemanow.xyz/
0
243 B
Image
General
Full URL
https://othdgemanow.xyz/djdhUFBZCAIjbRJwJGAEMWEvBQE0ElMSBTNTNRQYGmIwBjc3UycVdgJeBW1oRAJYYWFQRwg0bUUFRyMkF0MUI21EB1Fndh9ZBz9tRBEXbWBYD09hZVgHRyVtRxEVIDERClB2IAJDDW1hQABTYWFEBlJoYkYA
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfNxrQlPH6YWL1GzNo6lY0Hhbdp3mCgYQEmAzAXeJbEZ8Dv5VmWq3OWJTQfZ3wAzRzGloVqTkcSWgKou9bQpTQ5a5S4cFlJiFnIGhZrRPeRrWI3PTyIA5JEEkrCwFAwl31c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
77ff01e0d9689b2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
b2daOEVAWDlLeAsKMQkfAzEYbQQXAgMIFw4mDHIsPiEfdhACInxMLAtaYg9zXFZiHjUGA2cKfEkULlkxGhRnCWMGCTxXeEkRZwlrX0lsCGteQS8FdEkTKlkiUlZ8SDEbC2cJc1hVawl3XlRiCnRX
othdgemanow.xyz/
0
245 B
Image
General
Full URL
https://othdgemanow.xyz/b2daOEVAWDlLeAsKMQkfAzEYbQQXAgMIFw4mDHIsPiEfdhACInxMLAtaYg9zXFZiHjUGA2cKfEkULlkxGhRnCWMGCTxXeEkRZwlrX0lsCGteQS8FdEkTKlkiUlZ8SDEbC2cJc1hVawl3XlRiCnRX
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRhj5mVpkgv8AsCS%2F1bEEIFvq5Wb6xcojvGOSzKAbYMpkB6rHhx81bXMYymEH%2FV1DTqSijblMUIV755JxggEjeGwEIv72AognC0dZdErEhFcV4a5mmTgbM6I2kHJqXqgctk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
77ff01e0d9699b2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
XAEwGkEHITs5cmhwZAddWysDEm5EdwExUhY3PBMECXdsTw8EZSUeXQ1ybVFKRCIhAkoNcnMeV1YsaFFPDXJ7RxcCbWdRTA1ycwNJUSRoRh9ANyEbBAF1YkUIAXFkRAECcGU
othdgemanow.xyz/dzkwQ1VYBlMwaCN/
0
249 B
Image
General
Full URL
https://othdgemanow.xyz/dzkwQ1VYBlMwaCN/XAEwGkEHITs5cmhwZAddWysDEm5EdwExUhY3PBMECXdsTw8EZSUeXQ1ybVFKRCIhAkoNcnMeV1YsaFFPDXJ7RxcCbWdRTA1ycwNJUSRoRh9ANyEbBAF1YkUIAXFkRAECcGU
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XF0PzfCyrZXP6J0e8%2B2lArWwJ09j8PeEOsoc7DL2hZ8LrdvGBfb2yk0wsrm9QxD%2BHUEz%2F%2F70ebMYGN2Gs0sOqX0H2B6J8U6aIisrIBDlB0ORMwNRtvd%2FZJdNuU%2B5MDVgU8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
77ff01e0d96a9b2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
EB8jAC4gPA0tFzcgKDFAIBRYJl8zGw1KTnFGWENIYQIAE0R2VBoDGDMHGkpIYRsHERZ6VB9KSGlBXVlKdlxbUQx6Q08DCSYVVEZfNwYdG0R2RF5FSHZAWERBdUZd
othdgemanow.xyz/aXd5R3JGSBo0TycwDRIhPj4/
0
249 B
Image
General
Full URL
https://othdgemanow.xyz/aXd5R3JGSBo0TycwDRIhPj4/EB8jAC4gPA0tFzcgKDFAIBRYJl8zGw1KTnFGWENIYQIAE0R2VBoDGDMHGkpIYRsHERZ6VB9KSGlBXVlKdlxbUQx6Q08DCSYVVEZfNwYdG0R2RF5FSHZAWERBdUZd
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1D88JTuStFzYBjwMCSxvRZXIMyNDsMhrU9y%2FsVu8mfm%2Fbgmfpeo9BFTcjXH0P5T2z3jvujYyucZ9oK2UckznZLCem84%2BNjfpvSwKQFLjvuxQhTPD1WNSWCByoV%2FghlLp8k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
77ff01e0d96b9b2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
dmmzkfd82wayn.cloudfront.net/
47 B
446 B
Fetch
General
Full URL
https://dmmzkfd82wayn.cloudfront.net/
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1600:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:38 GMT
content-encoding
gzip
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://megaup.net
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
73
x-amz-cf-id
zU3iQfAyBPODnJYeBLvhGXSBFsgCbsowUf_MKiVexyaxIWYsVIeqwQ==
THpWSDk3WCU%2FZjkIOmoDbhIiPEk%2FQHlnVCkdNz1JYhQzPBY%2FDXgiSm5WdDtUKlhseRVuCTs%2BG3ZYYmYKblZ0PFgrJT8sG3ZYbnsLekllahVuCSMqZiUeZGoDbhxuewovSmIqFHofZioUeB40eBR1Tm5%2FFCpMMy1cLx81K1ovH3Q1
theharityhild.buzz/
0
0
Script
General
Full URL
https://theharityhild.buzz/THpWSDk3WCU%2FZjkIOmoDbhIiPEk%2FQHlnVCkdNz1JYhQzPBY%2FDXgiSm5WdDtUKlhseRVuCTs%2BG3ZYYmYKblZ0PFgrJT8sG3ZYbnsLekllahVuCSMqZiUeZGoDbhxuewovSmIqFHofZioUeB40eBR1Tm5%2FFCpMMy1cLx81K1ovH3Q1
Requested by
Host: megaup.net
URL: https://megaup.net/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.162.51.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-51-18.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
x-powered-by
Express
access-control-allow-headers
X-Requested-With,content-type
access-control-allow-methods
GET, POST
1811811
ad.a-ads.com/ Frame 0F77
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/1811811?size=300x250
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.97.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.71.97.63.178.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
a4a0ee2a2853991639ecc9766f083dee223823deb4b5870898c26382b9c0eae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 27 Dec 2022 03:35:38 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://megaup.net/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
async.php
platform.bidgear.com/
6 KB
3 KB
Script
General
Full URL
https://platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1672112138284
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b61859370df7a83e174f1cc0ff8e54283434ab0efd738605f8b712f965e677e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrEF%2FdFDJIKzHwdUkQuJqhAj3A3PKPQE30gzBQX2zt2iqBXDVZ7Wz2Y1F6XiPyvYVudAaPNI4rILX1IfO2fDpz%2B0gjdBWRnQKQRsIB8EjFsllzm4w47CXo1P2bSBpsL3wCAD8%2BOFxfRFbCBjZkeZB3vB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
77ff01e22ec09bac-FRA
expires
0
008.gif
megaup.net/imageads/
476 KB
477 KB
Image
General
Full URL
https://megaup.net/imageads/008.gif
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a1d2f8f90af0349f42afb4e6f0a851700f19cd866a1ec03947f8c1a4db3fb868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 29 Mar 2021 20:01:36 GMT
server
nginx
etag
"60623220-770a0"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
content-length
487584
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108868042-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 02:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4098
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 27 Dec 2022 04:27:20 GMT
300x250
static.a-ads.com/a-ads-banners/393795/ Frame 0F77
609 KB
610 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/393795/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1811811?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.97.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.71.97.63.178.clients.your-server.de
Software
nginx /
Resource Hash
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
x-amz-version-id
FNTy6PSZIujNe9T_DALSYLZHxxf2zICy
last-modified
Tue, 31 May 2022 13:40:41 GMT
server
nginx
x-amz-request-id
835GD5XC9KN672EM
etag
"022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
623504
x-amz-id-2
+kP2tYIHieSmX2+cqA11a4vGMXbsfeiLvXAvOg9l7Ry1Y9WdOfiiNeVCEpYExdOO63dK/szOpow=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 0F77
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
utx
parrecleftne.xyz/
0
487 B
XHR
General
Full URL
https://parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=38gSHVsgre7f
Requested by
Host: megaup.net
URL: https://megaup.net/sw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-83.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:38 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://megaup.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
5AwCyhWrNp2hCLMTkINQyUQxMyApTavJxy5bgwmnSe64nFPpnD2n5g==
enk1MDJVRlZDDy89f0lgPAlbcWcoAFR3dzIrbWJdICh7eFYXDhNEWx5EAgYDS0EDFkITHQgBFAkNVERHCUQGAAJLX1xeVBVEBQACS19DDQNUSgEeAUtXBxZHR0gDBAVITQEJAkNOBgQCTUsTREIbHggBFAoNQVwPS08CAgNLSwQDCkxPBA
othdgemanow.xyz/
0
397 B
Image
General
Full URL
https://othdgemanow.xyz/enk1MDJVRlZDDy89f0lgPAlbcWcoAFR3dzIrbWJdICh7eFYXDhNEWx5EAgYDS0EDFkITHQgBFAkNVERHCUQGAAJLX1xeVBVEBQACS19DDQNUSgEeAUtXBxZHR0gDBAVITQEJAkNOBgQCTUsTREIbHggBFAoNQVwPS08CAgNLSwQDCkxPBA
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYEkRRm%2FWJD0w%2B1aD2kNZAG%2BxDm3gbhU2JuyN3TImYltumw%2FxeZIoic1dPDv0MBcc6gVDRpDoDSEVmt3xZ47xxxQ8jfy2Wo7i599Pq877t%2FvBZrpqLV%2FvK7L9e20TsxLo8Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
77ff01e2f94bbb8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
theharityhild.buzz/
0
37 B
XHR
General
Full URL
https://theharityhild.buzz/
Requested by
Host: megaup.net
URL: https://megaup.net/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.162.51.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-51-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-length
0
popunder.gif
othdgemanow.xyz/
35 B
551 B
Image
General
Full URL
https://othdgemanow.xyz/popunder.gif
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
HIT
last-modified
Sat, 24 Dec 2022 20:23:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
198723
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2F1zFL%2FOEvF1bvPKin%2FaDfdzBKfAb1wQVRjTEosNaXn8iqvbPXDOFYyBuDNm570ZsmvjBc%2BAABvlkOJmjE4jOjEM1snxemtDQPNDyV2nvt9v2ArObc8r2YVfXuueJJLrP2I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
77ff01e2f94cbb8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1354860680&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ul=en-us&de=UTF-8&dt=Transformers.Fall.of.Cybertron.MULTi6-PLAZA.part1.rar%20-%20MegaUp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=197709978&gjid=534541449&cid=220436011.1672112139&tid=UA-108868042-1&_gid=425895954.1672112139&_r=1&gtm=2oubu0&z=998881023
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://megaup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
agent.js
cdn.purpleads.io/ Frame F5D3
65 KB
19 KB
Script
General
Full URL
https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Requested by
Host: platform.bidgear.com
URL: https://platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1672112138284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46cce4c9a098122fafa7c570d1e91a20c695decf19a2e65dee2e8ce57cda9e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 14:45:02 GMT
content-encoding
gzip
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 10:53:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
46239
etag
"bf50d3fb07f697488c398a5cb8c8db3a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
19305
x-amz-cf-id
5pYNZonDNx4c_vddmtOR-qyb4pJGR-6k-Ckp8fP5Ri_5oPxNftGkWA==
infinity.js.aspx
cdn.engine.4dsply.com/Scripts/ Frame F5D3
164 KB
45 KB
Script
General
Full URL
https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3fb9df743b4635f3643e72a5ee1a4ddfe6615a14682474acde7a573e5f3230d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Dec 2022 03:28:51 GMT
server
cloudflare
age
19
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=900
cf-ray
77ff01e39f5f914a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 27 Dec 2022 03:50:38 GMT
video-agent.js
cdn.purpleads.io/ Frame F5D3
45 KB
16 KB
Script
General
Full URL
https://cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
Requested by
Host: platform.bidgear.com
URL: https://platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1672112138284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb01ffd065001e66eb6ce604fe281c946e74c4673b919053baee7c343e232e5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 09:18:12 GMT
content-encoding
gzip
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified
Tue, 20 Dec 2022 09:10:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
65847
etag
"21d8c1af95ef899fdd41e7c655a8a8ff"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15835
x-amz-cf-id
328naltdVtf2v0IWz2i_UHMWPkdQLNMa6Vo11OeOLSd0kPDakGsWkQ==
rec
imp9.bidgear.com/ Frame F5D3
599 B
891 B
Image
General
Full URL
https://imp9.bidgear.com/rec?t=1&z=6192&uuid=f917305a6d7b43dfbd4d8476633d8789&p=61&g=DE&token=4a44335432&tbg=1672112138
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHjZEesaRVy%2Bhn8QMh1wBTqNOhYLMhL7EgunNYob%2BYiYtNhPuQz5bAFzBf8xmQz%2FbQP9cH2W8Dc8ruOx2UZxq1zVQrHEyHEpP0O9Yu4drGNnzPUuHrkSAIFLrS%2BCdQewJxVTrKeJYXhNu1N6D8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
77ff01e33f9f9bac-FRA
content-length
599
b15.png
platform.bidgear.com/media/img/ Frame F5D3
649 B
1 KB
Image
General
Full URL
https://platform.bidgear.com/media/img/b15.png
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
409834
content-length
649
last-modified
Mon, 25 Jul 2022 09:43:43 GMT
server
cloudflare
etag
"62de65cf-289"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BD61xe28Asgrsz5h%2BLLexkhmJUjEoMGG%2FJ7PyLKLVrLuYvrba8d6POOjmAXw%2FsKPt61JOKpqbc3WeA1TPd1agtgG9PURyS0aukecMw31iGrKBZcC6LS1y6Sfuo%2Bor%2FivTMuDQKi8%2F1WTrFvibPwfrMaz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77ff01e30f7a9bac-FRA
expires
Sat, 21 Jan 2023 09:44:58 GMT
eAkFS3J4BwBeMjhRVUV3bkBGDCp1AQRPdHkBAEl1cAcESg
othdgemanow.xyz/RkgwMnhpd1NBRSMkdQcuLCR0ayl3I3R3FCwJZ38xEnpXfBoheBZGESJ1CABNf3kBFAgvLA0BSmA7RFMMMzsNAEh2fxZbFiAnDQBeMHUAHEBoeQUcSGA9DQNOcn8CBkx/
0
396 B
Ping
General
Full URL
https://othdgemanow.xyz/RkgwMnhpd1NBRSMkdQcuLCR0ayl3I3R3FCwJZ38xEnpXfBoheBZGESJ1CABNf3kBFAgvLA0BSmA7RFMMMzsNAEh2fxZbFiAnDQBeMHUAHEBoeQUcSGA9DQNOcn8CBkx/eAkFS3J4BwBeMjhRVUV3bkBGDCp1AQRPdHkBAEl1cAcESg
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGvpuu2LK%2B1Vf63cC7N8JjF60tbJAG6q9Xd8aEpEXhpkHx%2F84xaxW4RMqv0bfno9QgCe44G3sn6ukqQ9Rt%2FSWxQJ%2FQ0zq1vkYxXsb3%2B7tdMLnPCa2cyPzTYyVpXBErBbH7w%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
77ff01e359b5bb8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
floater
himhedrankslo.xyz/
1 KB
1 KB
XHR
General
Full URL
https://himhedrankslo.xyz/floater?cs=Yk9kNVJbf1AHZ1F9XABjV3ZQDWY&abt=0&red=1&sm=83&k=download%20file%20transformers%20fall%20cybertron%20multi6%20plaza%20part1&v=0.8.15.0&sts=0&prn=0&emb=0&tid=825911&rxy=1600_1200&u=1647244909734072&agec=1672112138&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=425.53191489361706&ref=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F108.0.5359.124%20safari%2F537.36&tzd=0&uloc=&if=0&aa=oi1_&_7mU5=1672112138763&crc=1
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
4b5acb48cadfd6669e41951d81d296cb78b8261fb12c55589d6e3cbc12a48a9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
https://megaup.net
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
862
x-amz-cf-id
IOfWGzMfDc4d5DsXNYTnLjgb2aIXiqZciGd9gMeg_VEHLq1sbbuDrg==
multi
himhedrankslo.xyz/
3 KB
2 KB
XHR
General
Full URL
https://himhedrankslo.xyz/multi?cs=YloxeHhVYwhATlBpBUxPVGIJTEw&abt=0&red=1&sm=76&k=download%20file%20transformers%20fall%20cybertron%20multi6%20plaza%20part1&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1600_1200&u=1647244909734072&agec=1672112138&fs=1&mbkb=425.53191489361706&ref=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F108.0.5359.124%20safari%2F537.36&tzd=0&uloc=&if=0&_ppOX=1672112138764&crc=1
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.61.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-61-9.bom78.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
839130e063efbbe8d7d0ec02a38f8f000a6f86c5999a8eb2735192f35bdced7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:38 GMT
content-encoding
gzip
via
1.1 1322009953622364e2aeebe7f1810218.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
BOM78-P4
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
https://megaup.net
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
1551
x-amz-cf-id
I0gLHeX4aRQZuFY_q8Fbz9UTk6Wb71_NMVYUdS2u3RhktqFet7ZrDg==
/
c.adsco.re/
76 KB
27 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7f44afbd93184255019e84f910d384402ea730e97fcb91094874532998f014

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
br
cf-cache-status
HIT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
server
cloudflare
age
1935657
etag
W/"xkCBFtC0Wl/JiS60JFipuQ=="
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=2678400
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray
77ff01e4dd369b7d-FRA
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 27 Jan 2023 03:35:39 GMT
init
api.purpleads.io/x/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/init?ts=1672112138950
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://megaup.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:39 GMT
x-request-id
bff7e20e-aa8e-4ad9-8caa-345883fe2efb
init
api.purpleads.io/x/ Frame F5D3
87 B
379 B
Fetch
General
Full URL
https://api.purpleads.io/x/init?ts=1672112138950
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f

Request headers

x-request-url
aHR0cHM6Ly9tZWdhdXAubmV0LzFKRnNnP3B0PTdiYW1ZMiUyRmpwWWZZcE8lMkZsQVFZczUlMkZzOE84ZXlWVFZOdUR2ZnVzdWQwbTglM0Q=
accept-language
de-DE,de;q=0.9
Authorization
Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://megaup.net/
x-purpleads-version
2.3.7

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
etag
W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://megaup.net
access-control-allow-credentials
true
content-length
87
x-request-id
654b8585-4173-4167-88ed-70113bc36449
ima3.js
imasdk.googleapis.com/js/sdkloader/
372 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Tue, 27 Dec 2022 03:35:39 GMT
prebid-video-7.22.0-2022-10-26.gz.js
cdn.psdn.xyz/ Frame F5D3
262 KB
85 KB
Script
General
Full URL
https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e2e36065bc293def46f304ec1c821797d909addf533405588ff146c856d0ea68
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 26 Oct 2022 13:24:00 GMT
x-sp-metadata
HS256.CJvsqZ0GEocBCiRhYTU3YjRlMC00Mjk1LTRlZGEtYjU1MC00NzYzMDRkM2U5OGIQgMGmkNnD+wIaBgiL0KmdBiIMODAuMjU1LjcuMTA2KL6yAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYWQ5NDcwNDgtNjQ0ZC00Njc0LWIwMWYtMmQwOTRiNDI2NTA2GOujBSIYCAISFGNkczI2Ni5mcjguaHdjZG4ubmV0.gj3aD6GPYCL0I3OysEXS5SdO/Oo3F9h7pUJhjl8vMPQ=
x-amz-request-id
tx00000000000010aa8e2d5-00635934f8-34c5ae65-nyc3b
etag
"700d1de734b4979c4c3059b613e9d7b1"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1672112139.dop154.fr8.t,1672112139.cds235.fr8.hn,1672112139.cds266.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
86507
JY2MwdWgADF4TVxcKVEhQVFUDRFBFCUMaBhNeUgMFETRbJ1swOUINPlImc1McGQcNRU4PAl4SVUUGXhZVUkVREQpeVxYBGAwIDRoHCAVGFg0ABEFTHQJeXRoSCg9cFE1RJQVbWEZRAF0fCg1UGh8QRgJFBhdGAkVZU00AUFshRgJFHwoNBkFNUCEVR1gbVQ-RcTVF...
dmmzkfd82wayn.cloudfront.net/ Frame AF20
592 B
721 B
Script
General
Full URL
https://dmmzkfd82wayn.cloudfront.net/JY2MwdWgADF4TVxcKVEhQVFUDRFBFCUMaBhNeUgMFETRbJ1swOUINPlImc1McGQcNRU4PAl4SVUUGXhZVUkVREQpeVxYBGAwIDRoHCAVGFg0ABEFTHQJeXRoSCg9cFE1RJQVbWEZRAF0fCg1UGh8QRgJFBhdGAkVZU00AUFshRgJFHwoNBkFNUCEVR1gbVQ-RcTVFTUQUYDwZHEAoICkRQWiVWA0JGUFUVR1hLCFgBBQ9GAjZNUVNcHAMGRgJFDwYAWxpBRlEAFgARDF0QTVElAUVQTVMeQFtWWh5EWldGAkUbAgVRBwFGUXZAW1RNA0NOFl4B
Requested by
Host: himhedrankslo.xyz
URL: https://himhedrankslo.…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1600:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d385de21d436fc01612adb6355a8e431e60d0502ecbf11b5b9fb037645158575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://himhedrankslo.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
445
x-amz-cf-id
A9Fb7kDpYOWCyO_jPLhqUBpRd797IgT6Go4sgdwE7t0x83eKHQPqzw==
SXtnDj4eJjoIc14PZl1uQnl5WGVZcHlcZFhsZV0lDS82Hz9JexFYZVtnZFtwGXRm
dmmzkfd82wayn.cloudfront.net/bSVdtVmwqOAMwUz0+CWtbf2NcYl1vPR45AjlqPG8DPDwGAD87L0siFi1qXXAAKDkKa0osOQ5rXW82CTRRfXEZJgMiagI5By8hDjMPLiZLIw10OgIsBSU7DHNeD2JDZkl7Z0UhBSczAiEfbGVdOBhsZV1nXGdnSGUubGVdIQU... Frame E6E6
822 B
870 B
Script
General
Full URL
https://dmmzkfd82wayn.cloudfront.net/bSVdtVmwqOAMwUz0+CWtbf2NcYl1vPR45AjlqPG8DPDwGAD87L0siFi1qXXAAKDkKa0osOQ5rXW82CTRRfXEZJgMiagI5By8hDjMPLiZLIw10OgIsBSU7DHNeD2JDZkl7Z0UhBSczAiEfbGVdOBhsZV1nXGdnSGUubGVdIQUnYVlzXwtyX2YUf2NEc155Nh-0mACwgCDQHICNIZCp8ZFp4X39yX2ZEIj8ZOwBsZS5zXnk7BD0JbGVdMQkqPAJ/SXtnDj4eJjoIc14PZl1uQnl5WGVZcHlcZFhsZV0lDS82Hz9JexFYZVtnZFtwGXRm
Requested by
Host: himhedrankslo.xyz
URL: https://himhedrankslo.…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1600:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
297f3bb745ff7d1a9b523b28c28cf0bb6b9185777fa1129a4afb560725d33efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://himhedrankslo.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
594
x-amz-cf-id
G_lQpLmi9-EWcXmZScQJS9edqJqmtZ3Ar-goIL7jYJvkFh310nXopw==
QlVKJjIECA5oaDNAUH02GQ4HaGhAAgcuMR9MR39qEw0QIjcVQFALa0BdTH10RVZXdHRBV1ZoaEAWAys7AgxHfxxFVlVjaUZDF3Br
dmmzkfd82wayn.cloudfront.net/9TVpwZWIuNR4DXTkzFFhbeWNIU1ZrMAMKDD1nKAowFyw2FzoKIxRDFjc+TVVEITseAl9rPx4GX3x8EQEAcG5WEANwNx8fCyE2EUBQC29eVUd/algSCyM+HxIRaGhACxZoaEBUUmNqVVYgaGhAEgsjbERAUQ9/QlUae25ZQFB... Frame 8B4E
191 B
462 B
Script
General
Full URL
https://dmmzkfd82wayn.cloudfront.net/9TVpwZWIuNR4DXTkzFFhbeWNIU1ZrMAMKDD1nKAowFyw2FzoKIxRDFjc+TVVEITseAl9rPx4GX3x8EQEAcG5WEANwNx8fCyE2EUBQC29eVUd/algSCyM+HxIRaGhACxZoaEBUUmNqVVYgaGhAEgsjbERAUQ9/QlUae25ZQFB9OwAVDigtFQcJJC5VVyR4aU-dLUXt/QlVKJjIECA5oaDNAUH02GQ4HaGhAAgcuMR9MR39qEw0QIjcVQFALa0BdTH10RVZXdHRBV1ZoaEAWAys7AgxHfxxFVlVjaUZDF3Br
Requested by
Host: himhedrankslo.xyz
URL: https://himhedrankslo.xyz/a3pTMnAKGDBfTwpHMRQFGRZuF0ItX2F0FAYXKVkWD0JhRRESFH1RHAQPN1QCBBQnHB4ODnYANlIuBUIHMS0aRz45ThdqJAAAFXQYCR8EfDk+SwlAPSo3GHY0WhQYcx8cPCpFQi0APHk5EygXdBoIX2FwJD0sFnskGB8SXkkZKisGNzNJKwo1Oj8SUTdeLRZzPhw0KwoWKAMWADU+OAJxQlIfBWcUTkgVUxwMKRBLPU5IEXoIIigydRgqOStoHwo/EWclBjQiZCYyHTJ1GCo/NEEaCT8BcyU6Q3YANjoWBlMVWU8JYzYpQxxFMT0+OlUELSsweDooTwVkCTlOMmddDzYGagROSBVjHD0xGVg5LjkSBx8KPh1zJSNKYXUhXzIydRgqOzRRBSYoan8iWEMidwdbKxpYEz0rFXM8CkoRViQjS2NgJjEiN3oiKSxiaB8KPxJlMRIJZHMXEzI1SggtLD9kGgovCXY2WDghFBoYFT1CTTMVAWgGLQgLdQkP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1600:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
379fb66bc617a47396e3874dec5c03e8d174628d3ae18e4f0189d2ae2f076e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://himhedrankslo.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
186
x-amz-cf-id
kl-dsHuWRLHW39ulM7Vr7TgWwbO7I5ae6UEZq3JDemgcSNqJxhULMg==
JlsYXTxmCzUBe3QXQAJtcQlbXyA3VB8RegAcQQQkKlIWEXpzXhZXIywQVgZ4IFEBWyUmHEFyeXMBXQRmdgpGDWZyC0cRenNKElIpMVBWBg52CkQae3UfBgl5
dmmzkfd82wayn.cloudfront.net/5NEhDOXNXJy1fTEAhJwRLBn16CEISIjBWHUR1FF8qeBgafDRwKzMfB04sfglVWCktXk4SLS1aTgVuIl0RCXxlTQNbI35MHVAtJVAdUSxlTBIJJSxDGlgkIhxBcn1tCVYGeGtOGlosLE4AEXpzVwcRenMIQxp4ZgoxEXpzThp... Frame 3050
463 B
637 B
Script
General
Full URL
https://dmmzkfd82wayn.cloudfront.net/5NEhDOXNXJy1fTEAhJwRLBn16CEISIjBWHUR1FF8qeBgafDRwKzMfB04sfglVWCktXk4SLS1aTgVuIl0RCXxlTQNbI35MHVAtJVAdUSxlTBIJJSxDGlgkIhxBcn1tCVYGeGtOGlosLE4AEXpzVwcRenMIQxp4ZgoxEXpzThpafnccQHZtcQkLAnxqHEEEKT-NJH1E/JlsYXTxmCzUBe3QXQAJtcQlbXyA3VB8RegAcQQQkKlIWEXpzXhZXIywQVgZ4IFEBWyUmHEFyeXMBXQRmdgpGDWZyC0cRenNKElIpMVBWBg52CkQae3UfBgl5
Requested by
Host: himhedrankslo.xyz
URL: https://himhedrankslo.…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1600:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
865b446eda89760cd59a649f73f0dba561b135a82270bc0258caca9ed5828f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://himhedrankslo.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
361
x-amz-cf-id
LKVs0Gafcl6bCZloRK7X_Y8DovJ1fngIYYeYEgLzbybuTXopA_jP5A==
uczV6VzMQWhQxDAdcHmoERQRLbwVVXwk4XQMICQ1RJnkRZX1DU0sdXRx0NnFHCVFHZxUfVBQwDlVQFDQOQhMbM1FOAVwjQxxeRzhcGFMMNFYQUgtxRhIIFzhJGlkWNhZBc095A1YHSn9EGlseOEQAEEhnXQcQSGcCQxtKcgAxEEhnRBpbTGMWQHdfZQMLA0-5+FkE...
dmmzkfd82wayn.cloudfront.net/ Frame D52F
828 B
878 B
Script
General
Full URL
https://dmmzkfd82wayn.cloudfront.net/uczV6VzMQWhQxDAdcHmoERQRLbwVVXwk4XQMICQ1RJnkRZX1DU0sdXRx0NnFHCVFHZxUfVBQwDlVQFDQOQhMbM1FOAVwjQxxeRzhcGFMMNFYQUgtxRhIIFzhJGlkWNhZBc095A1YHSn9EGlseOEQAEEhnXQcQSGcCQxtKcgAxEEhnRBpbTGMWQHdfZQMLA0-5+FkEFGydDH1ANMlEYXA5yATUASWAdQANfZQNbXhIjXh8QSBQWQQUWPlgWEEhnVBZWETgaVgdKNFsBWhcyFkFzS2cLXQVUYgBGDFRmAUcQSGdAElMbJVpWBzxiAEQbSWEVBghL
Requested by
Host: himhedrankslo.xyz
URL: https://himhedrankslo.xyz/bHVVc08NFzYecA1IN1U6HhloVn0qUGc1KwEYLxgpCE1nBC4VG3sQIwMAMRU9AxshXSEJAXBBCRkWLyV5Og8YIhgEJC03DggWHR4gKScEIQMOAgMlFxseYSseITwWIn4+PzsYHTYtZDcaXAYxKx0URRsdCSQ2AzUHNg0AFRkuJCI3IzokEzceIyQ9Pi0hRBM8DjoCPyI3FBAHCScPMhM+AiIzDCIaCwEtISclPBMJJyYyORgYIh0PMSxcTGAyfjU9Bh12KTI5ACojMAQyCikdOyseDyQGNCwvJC0HBA8SFAsKKR07IQ0cFwE0AjskHRcpNiQYPw5cWGBWfS4zPjYJKwwxNwddNBs+IyksDTJ6FTQBJg4/IhQXHi07MykeIhcNGwYGLT1LHj83BCQePSACIyMLIhA2JwIjFykYKSEyEhkLER49CR83AhssFTM+NTU/RzY/Fz0jACooLjIRNR0BNAAQHj8yMTIKADg3ORkcIhcJNwU0ECItPyIQJQ0LHRlVJR8aOwNyHy83JgMHRxtDKV0/OxwOIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1600:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
148204e41b00953c21c1604df8ca92a4c0f39aa1bb6dc4790be9998bcdf77db0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://himhedrankslo.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
602
x-amz-cf-id
IPhUZb_zf6xTpolkNFps8-goa10tX1I6Ed5VkM0RgEN4O4W2UWHx0w==
/
6.adsco.re/
0
102 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
Origin
https://megaup.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-max-age
2592000
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
content-type
text/plain;charset=UTF-8
cache-control
private, max-age=10
cf-ray
77ff01e5d87c9007-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
4.adsco.re/
0
456 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
Origin
https://megaup.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:39 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Origin
https://megaup.net
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=5
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
4.adsco.re/
45 B
456 B
XHR
General
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
29f2cc477b146b9aa418b066d6e964ef1dc7f24466f88bd9297efaf2e4d682ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:39 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Origin
https://megaup.net
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=5
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/
52 B
337 B
XHR
General
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d3384d877fd1dafeea8432ed7ebae097f515147d74b091a12c5cadf16420e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-max-age
2592000
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
content-type
text/plain;charset=UTF-8
cache-control
private, max-age=10
cf-ray
77ff01e5d87b9007-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
6lthy1laqbnt.l4.adsco.re/
0
0

/
6lthy1laqbnt.n4.adsco.re/
0
464 B
Ping
General
Full URL
https://6lthy1laqbnt.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, RO),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 27 Dec 2022 03:35:39 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
6lthy1laqbnt.s4.adsco.re/
0
464 B
Ping
General
Full URL
https://6lthy1laqbnt.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 Kuala Lumpur, Malaysia, ASN9009 (M247, RO),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 27 Dec 2022 03:35:40 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 9197
76 KB
27 KB
Document
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7f44afbd93184255019e84f910d384402ea730e97fcb91094874532998f014

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age
1935658
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
77ff01e5ccefbb89-FRA
content-encoding
br
content-type
text/html
date
Tue, 27 Dec 2022 03:35:39 GMT
etag
W/"xkCBFtC0Wl/JiS60JFipuQ=="
expires
Fri, 27 Jan 2023 03:35:39 GMT
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server
cloudflare
vary
Accept-Encoding
/
theharityhild.buzz/
0
36 B
XHR
General
Full URL
https://theharityhild.buzz/
Requested by
Host: megaup.net
URL: https://megaup.net/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.162.51.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-51-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-length
0
/
api.purpleads.io/x/b/ Frame F5D3
3 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=eb941d8480b34d47bb3581399d576159&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=30a8e3b0-c747-4e75-a769-03559aae3b52&ts=1672112139449
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash
95b2e522a528d099727217fbc2e329d8eb8bb237c66dcf61390832944c9dcdae

Request headers

x-request-url
aHR0cHM6Ly9tZWdhdXAubmV0LzFKRnNnP3B0PTdiYW1ZMiUyRmpwWWZZcE8lMkZsQVFZczUlMkZzOE84ZXlWVFZOdUR2ZnVzdWQwbTglM0Q=
accept-language
de-DE,de;q=0.9
Authorization
Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://megaup.net/
x-purpleads-version
2.3.7

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
pa-user-id
b43b29ad-ec20-4a87-b6a3-14dd62ba477b
etag
W/"de0-8Ruk5uG681Mau48hfHHRhEOkfPw"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://megaup.net
access-control-allow-credentials
true
x-request-id
55809623-c667-49d5-828e-0834c6ab6e2c
raleway_bold.woff
megaup.net/themes/flow/frontend_assets/fonts/
31 KB
31 KB
Font
General
Full URL
https://megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Origin
https://megaup.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
"60758f34-7b50"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
accept-ranges
bytes
content-length
31568
x-xss-protection
1; mode=block
v
api.purpleads.io/x/v2/ Frame F5D3
2 KB
1 KB
Fetch
General
Full URL
https://api.purpleads.io/x/v2/v?ts=1672112139485
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash
be4004f6787f22c51c4b70ba585eb9e763cb15350d912364289b5bf17dedf7c3

Request headers

x-request-url
aHR0cHM6Ly9tZWdhdXAubmV0LzFKRnNnP3B0PTdiYW1ZMiUyRmpwWWZZcE8lMkZsQVFZczUlMkZzOE84ZXlWVFZOdUR2ZnVzdWQwbTglM0Q=
accept-language
de-DE,de;q=0.9
Authorization
Bearer 3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://megaup.net/
x-purpleads-version
2.1.14

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
etag
W/"7cb-sqwh7qeS3wz63tNczTLsX2EUsw4"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://megaup.net
access-control-allow-credentials
true
x-request-id
a79b007a-cbe2-4f8f-aef1-d874bef927c6
agent.js
cdn.purpleads.io/
65 KB
19 KB
Script
General
Full URL
https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46cce4c9a098122fafa7c570d1e91a20c695decf19a2e65dee2e8ce57cda9e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 14:45:02 GMT
content-encoding
gzip
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 10:53:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
46240
etag
"bf50d3fb07f697488c398a5cb8c8db3a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
19305
x-amz-cf-id
JI6J-A3Xrf9Lah3gti87Dir-TlCrvdIoguRwj9fIvS-lqeXiav9q1A==
p
adsco.re/
259 B
612 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e456731b9f22b05f4484c3e63755c18c2bb4d7d8cbfa72db943659b781fff25d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:40 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Transfer-Encoding
chunked
AS-P-1
OK lon123
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://megaup.net
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-P-2
OK
AS-P-3
OK
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=eb941d8480b34d47bb3581399d576159&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=30a8e3b0-c747-4e75-a769-03559aae3b52&ts=1672112139449
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://megaup.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:39 GMT
x-request-id
6893a709-ccf6-4c53-bde0-63d9653e05ca
v
api.purpleads.io/x/v2/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/v2/v?ts=1672112139485
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://megaup.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:39 GMT
x-request-id
27ea119b-6e0b-487d-a10e-9e7b4753dabf
/
6.adsco.re/ Frame 9197
0
0

/
4.adsco.re/ Frame 9197
0
0

/
c.adsco.re/ Frame 9197
60 KB
0
XHR
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
br
cf-cache-status
HIT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
server
cloudflare
age
1935658
etag
W/"xkCBFtC0Wl/JiS60JFipuQ=="
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=2678400
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray
77ff01eaa910bb89-FRA
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 27 Jan 2023 03:35:39 GMT
prebid-2022-12-14.js
cdn.psdn.xyz/ Frame 481E
347 KB
112 KB
Script
General
Full URL
https://cdn.psdn.xyz/prebid-2022-12-14.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b0cc0f37d2d9dff52ed354664a1a65f2282a7b66617b35e288c80909f4d2a831
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:39 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 14 Dec 2022 11:19:45 GMT
x-sp-metadata
HS256.CJvsqZ0GEocBCiQ4MGQ0OGJhOS0zZTYxLTQxNmYtOTgyZS1hODlkNjk3NDQ0MWYQgMGmkNnD+wIaBgiL0KmdBiIMODAuMjU1LjcuMTA2KL6yAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYzdhNmZkZjAtM2JhMS00N2JmLWFiNDctZjlhOTQ0MjcwYzM5GJz9BiIYCAISFGNkczI4My5mcjguaHdjZG4ubmV0.MYfJpxRiDR864BBlnnYPNdkdzY02fwS84q1b+FHcznk=
x-amz-request-id
tx0000000000001e3152072-006399b600-34c6886a-nyc3b
etag
"1276363d62a712363e73660fb90e2cd7"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1672112139.dop154.fr8.t,1672112139.cds235.fr8.hn,1672112139.cds283.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
114332
localstore.js
script.4dex.io/ Frame F5D3
483 B
1020 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:40 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
212668
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4AkgfhKR3iqCM4xqwPz1Mf%2Bcwb2ouSdw0ljR7EHLoD4qHLxJ%2F6ZVjurTnGbgAR3Y7dfp1P2tdRCL9xj%2FJwBfHcFtSYcNc%2FgDiUH4kuCA2zKlvRJ0152jRM1tOjL6wPrZtgRP19uByPsdoKu"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
77ff01eb6eaf9b86-FRA
init
api.purpleads.io/x/
87 B
377 B
Fetch
General
Full URL
https://api.purpleads.io/x/init?ts=1672112139953
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f

Request headers

x-request-url
aHR0cHM6Ly9tZWdhdXAubmV0LzFKRnNnP3B0PTdiYW1ZMiUyRmpwWWZZcE8lMkZsQVFZczUlMkZzOE84ZXlWVFZOdUR2ZnVzdWQwbTglM0Q=
accept-language
de-DE,de;q=0.9
Authorization
Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://megaup.net/
x-purpleads-version
2.3.7

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
etag
W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://megaup.net
access-control-allow-credentials
true
content-length
87
x-request-id
78b11f86-266c-4776-9727-0e5d3cc61937
init
api.purpleads.io/x/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/init?ts=1672112139953
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://megaup.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:40 GMT
x-request-id
95de5a35-e382-45e1-afc2-0482bcd88dd7
prebid
ib.adnxs.com/ut/v3/ Frame F5D3
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4a6fb88c490489f219439f80d95816fbf93728b7bed7ed11c8fcc14139c96d84
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:40 GMT
AN-X-Request-Uuid
61247cd3-3df4-4fc6-9694-f3cc7371f877
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://megaup.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ Frame F5D3
1 KB
965 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
147825e34e7918c86dde1cdc7b27622ef43e49b48615accff3c39e1cb43f10d1

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:40 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://megaup.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 27 Dec 2022 03:35:40 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ Frame F5D3
105 B
402 B
XHR
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.98.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-98-164.compute-1.amazonaws.com
Software
/
Resource Hash
de6c86f2ef6e01f9816779ad70119e40b20163ead9fb91199c89abbe7dd3a5dc

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://megaup.net
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
c
prebid.a-mo.net/a/ Frame F5D3
0
271 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:39 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, Accept-Encoding
localstore.js
script.4dex.io/ Frame 481E
483 B
1 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:40 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
212668
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OakqRpqmwAN5K1F%2F5nUD41J8nmG%2FVaiQ0GqizX6NXkDORNqS7K2%2F9xrYV8o7D7di%2BwpF6xd9IFvn7D%2Ftk9OMjra0XLqJAp5207Vul2LWySG1tQp%2FJxRx5oz4Q9PeEAaFLzZip03Kbffxciw8"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
77ff01ebaeeb9b86-FRA
c
prebid.a-mo.net/a/ Frame 481E
0
130 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:39 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ Frame 481E
0
264 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:40 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://megaup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
77ff01ec2cf22be5-FRA
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 481E
0
173 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:40 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame 481E
0
140 B
XHR
General
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://megaup.net
Access-Control-Allow-Credentials
true
auction
tlx.3lift.com/header/ Frame 481E
7 KB
4 KB
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.177.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-177-133.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
007c2c43d25a5fff8c8d8913047abf982fe27f68fd986cb09e7cb2c0996d90ba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:40 GMT
content-encoding
gzip
accept-ch
sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://megaup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3470
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adreq
ads.servenobid.com/ Frame 481E
33 B
371 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=2567
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a18e9eb0317b9604f77239ccbda88f9fd30c7950dbf7006a4a616703ad412a67

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://megaup.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 481E
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e9a05e4c2ec9dabbd5cea40b22b71a7ef3998a58973317af153f8830eae272dd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:40 GMT
AN-X-Request-Uuid
9139703f-8ab2-42c6-a247-afa91df38be2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://megaup.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ Frame 481E
1 KB
687 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a1f0e889345ac1baac569378a97d989acd5bf34c3a4caeb36e57980cbd81970c

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:40 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://megaup.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 27 Dec 2022 03:35:40 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ Frame 481E
105 B
401 B
XHR
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.98.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-98-164.compute-1.amazonaws.com
Software
/
Resource Hash
6dcb3ca38e7b5cab419a61cdc6ed16d82f014308fbdd88e8e7e0f4615c90cc54

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://megaup.net
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
ROS
pbjs.e-planning.net/hb/1/2e112/1/megaup.net/ Frame 481E
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e112/1/megaup.net/ROS?rnd=0.6104939191103533&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252F...
  • https://pbjs.e-planning.net/hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.6104939191103533&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7...
359 B
771 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.6104939191103533&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
61196e3c2533b4e36ece496e7e286ade3fc5b4d1fd9a5266d01dff39d5227791

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Tue, 27 Dec 2022 03:35:40 GMT
date
Tue, 27 Dec 2022 03:35:40 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://megaup.net
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
359
x-sid
AMS-928

Redirect headers

date
Tue, 27 Dec 2022 03:35:40 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://megaup.net
location
/hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.6104939191103533&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-928
adagio.js
script.4dex.io/ Frame F5D3
74 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:40 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZAW0SX4KE1QAQ2TB
Age
311485
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
hliOOr8DW5YbwWYix3euskv5vnly1hZzVKUOF85ZJtAGMXcC9uAOaVHWUs4wYKPM2QLZc9HrXINVIYX6ta6vIQ==
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BdgvnTPyapQ6z3bphXne6udOPie1FP5djPDRUk%2BR5KC2xC0EKR1gW4nveLwrLPx8Pe52YYLcyGZobEdZ1nxS9CozIgISmn5CwLZ4Sa7FEZsSCrPbxrZU9nASWHsr3kB1svXUxOTpM5at2Pm"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
77ff01ec2a3e6946-FRA
/
api.purpleads.io/x/b/
3 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=eb941d8480b34d47bb3581399d576159&sizes=[[1600,1200],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=6b45d316-58dd-4a2b-93c9-5a55e563994b&ts=1672112140161
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash
6dbc57e2da7abf1ca63dcf94b44f3925dc868ac03f226c49117989a5f53ba26a

Request headers

x-request-url
aHR0cHM6Ly9tZWdhdXAubmV0LzFKRnNnP3B0PTdiYW1ZMiUyRmpwWWZZcE8lMkZsQVFZczUlMkZzOE84ZXlWVFZOdUR2ZnVzdWQwbTglM0Q=
accept-language
de-DE,de;q=0.9
Authorization
Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://megaup.net/
x-purpleads-version
2.3.7

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
content-encoding
gzip
pa-user-id
0cacc635-cebb-428c-9413-67ddd4f181c4
etag
W/"df2-1aLwskOM7XO23QGhK5INQvyu+8M"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://megaup.net
access-control-allow-credentials
true
x-request-id
4594c693-e08f-467f-8aa6-d7217a930f5e
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=eb941d8480b34d47bb3581399d576159&sizes=[[1600,1200],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=6b45d316-58dd-4a2b-93c9-5a55e563994b&ts=1672112140161
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://megaup.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:40 GMT
x-request-id
24eb8ea4-bb41-4255-b654-85b2a535d575
adagio.js
script.4dex.io/ Frame 481E
74 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:40 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZAW0SX4KE1QAQ2TB
Age
311485
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
hliOOr8DW5YbwWYix3euskv5vnly1hZzVKUOF85ZJtAGMXcC9uAOaVHWUs4wYKPM2QLZc9HrXINVIYX6ta6vIQ==
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpsbuP7cbCc%2FoZIzC%2FL8REq9EZB4xxEQyOuJ51Sg8SFR0Hwu0A0KtmJC%2BKmEroE%2F6%2BkxIUP%2FN2sUPceSoUAVtdIJ5esb1sXR9XrFkIwrx7Y0BtqNQ%2BgKZ6ipqsPXAXAxq88vIfz14NZkpExZ"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
77ff01ec7aa86946-FRA
verify
engine.4dsply.com/ Frame F5D3
17 B
262 B
XHR
General
Full URL
https://engine.4dsply.com/verify?sig=BAoAY6poDAFjqmgMgAGBAcAAIApUop0rDcahwIDa_N0HXbWFWej1XuhRs4e60wKg8of4wQAgbTVcAOqUtUAyhDInqgqitv_Is4A3GJYHWTI5drJv_Z7CACClHnF5IgthOOM7LBSMLfzW3EU8YIDhsIyMZnqk-uZiCsQAECoBBKATOACSAAAAAAAAAAjFABBmYcnIk9zEn-3ckU41VinpwwAgQ7Kuip7rhhFjdxEdEujT8nA61AFMBb2xcOhI0uxserQ
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
server
cloudflare
x-adscore-status
bot
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
cf-ray
77ff01ecffe69267-FRA
access-control-allow-headers
Content-Type
content-length
17
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Tag.vrfy
engine.4dsply.com/ Frame F5D3
0
71 B
Script
General
Full URL
https://engine.4dsply.com/Tag.vrfy?time=0&id=86ddec5c-b957-455f-87da-f034ba331fa2&rand=59901&ver=async&referrerUrl=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&kw=transformers%2Cfall%2Cof%2Ccybertron%2Cmulti6%2Cplaza%2Cpart1%2Crar%2Cdownload%2Cfile%2Cupload%2Cmp3%2Cavi%2Czip&sig=BAoAY6poDAFjqmgMgAGBAcAAIApUop0rDcahwIDa_N0HXbWFWej1XuhRs4e60wKg8of4wQAgbTVcAOqUtUAyhDInqgqitv_Is4A3GJYHWTI5drJv_Z7CACClHnF5IgthOOM7LBSMLfzW3EU8YIDhsIyMZnqk-uZiCsQAECoBBKATOACSAAAAAAAAAAjFABBmYcnIk9zEn-3ckU41VinpwwAgQ7Kuip7rhhFjdxEdEujT8nA61AFMBb2xcOhI0uxserQ
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
server
cloudflare
x-adscore-status
bot
cf-ray
77ff01ec7f32914a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
Accept-Encoding
prebid
mp.4dex.io/ Frame F5D3
0
40 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:40 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://megaup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
77ff01edce232be5-FRA
expires
0
prebid
prebid.media.net/rtb/ Frame F5D3
1 KB
687 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd35bd463e21be906dd46cea55958721cab968127eaaabe75d4ef00e221e8cac

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:40 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://megaup.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 27 Dec 2022 03:35:40 GMT
c
prebid.a-mo.net/a/ Frame F5D3
0
156 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:40 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame F5D3
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
65e9a21c98b2ea3513d083444db4fa517f61b435c8d3e5bfa72f2caf4692f7a3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:40 GMT
AN-X-Request-Uuid
fa3258cf-f592-4e8e-bc99-0ada51aeff21
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://megaup.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ Frame F5D3
105 B
401 B
XHR
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.98.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-98-164.compute-1.amazonaws.com
Software
/
Resource Hash
0c95ab01bf4f097af25ca82cb0cd12dcbb96db380ab45f38b115b159867aac0f

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://megaup.net
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid-2022-12-14.js
cdn.psdn.xyz/ Frame 9390
347 KB
112 KB
Script
General
Full URL
https://cdn.psdn.xyz/prebid-2022-12-14.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b0cc0f37d2d9dff52ed354664a1a65f2282a7b66617b35e288c80909f4d2a831
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 14 Dec 2022 11:19:45 GMT
x-sp-metadata
HS256.CJzsqZ0GEocBCiQ1OThjNWU1ZC0wOTI5LTQ0NzctOWExNC00ZDBiMTU0NWIzZWMQgMGmkNnD+wIaBgiM0KmdBiIMODAuMjU1LjcuMTA2KL6yAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNDM4MTAyMTYtNGU5Zi00NWZjLWIzMmEtMzJmM2M5ZWNhY2VlGJz9BiIYCAISFGNkczI4My5mcjguaHdjZG4ubmV0.oaISX5u6ARGk/HAeoyrh223tnkbM127sQtXhZEnyDoM=
x-amz-request-id
tx0000000000001e3152072-006399b600-34c6886a-nyc3b
etag
"1276363d62a712363e73660fb90e2cd7"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1672112140.dop154.fr8.t,1672112140.cds235.fr8.hn,1672112140.cds283.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
114332
localstore.js
script.4dex.io/ Frame 9390
483 B
1020 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:40 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
212668
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ler5sOZpv%2Ftv192vxIORJudO5l0aVkkE4AK4jfiuKGklhZ3405d81tNjXD6eBOSFDpc%2BKXs07DX1Vct%2BwyzXbe1By28SFLDYVRnThDbj%2B68Nfgmb175zPffaw1H8ysiGUlMsfmfyaave5z5H"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
77ff01eef9a69b86-FRA
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame 9390
0
140 B
XHR
General
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://megaup.net
Access-Control-Allow-Credentials
true
c
prebid.a-mo.net/a/ Frame 9390
0
132 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:40 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ Frame 9390
0
41 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:40 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://megaup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
77ff01ef0f032be5-FRA
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 9390
16 KB
8 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
65e2c77780c75462db1cdbd3a9e3bb1a19ef1b5acac91ac750602f513dc011a9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Dec 2022 03:35:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7870d551-ece4-4637-af62-0dc8e9e8d9b3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://megaup.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9390
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:40 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adreq
ads.servenobid.com/ Frame 9390
33 B
370 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=4131
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a18e9eb0317b9604f77239ccbda88f9fd30c7950dbf7006a4a616703ad412a67

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://megaup.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame 9390
7 KB
4 KB
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.177.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-177-133.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
083c04905e3fb4f85af9fafa2500d0c75dc91dcfd3f664cddb592a4762923052
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:40 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
content-type
application/json; charset=utf-8
access-control-allow-origin
https://megaup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3466
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ Frame 9390
105 B
401 B
XHR
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.98.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-98-164.compute-1.amazonaws.com
Software
/
Resource Hash
4c732b2e04f2b290d7c5e41e40f21e6a18a0421305c42834755785bc81db665c

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://megaup.net
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
ROS
pbjs.e-planning.net/hb/1/2e112/1/megaup.net/ Frame 9390
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e112/1/megaup.net/ROS?rnd=0.4032087969011324&e=728x90_0%3A728x90%2C970x90%2C1600x1200%2C468x60%2C320x100%2C320x50%2C300x100&ur=https%3A%2F%2Fmegaup.net%2F1JFsg%3...
  • https://pbjs.e-planning.net/hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.4032087969011324&e=728x90_0%3A728x90%2C970x90%2C1600x1200%2C468x60%2C320x100%2C320x50%2C300x100&ur=https%3A%2F%2Fmegaup.net...
358 B
676 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.4032087969011324&e=728x90_0%3A728x90%2C970x90%2C1600x1200%2C468x60%2C320x100%2C320x50%2C300x100&ur=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
bb1543880da376e6bdf11b7af502824f4e47bcc912bda74442bbcb144a368f7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Tue, 27 Dec 2022 03:35:41 GMT
date
Tue, 27 Dec 2022 03:35:41 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://megaup.net
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
358
x-sid
AMS-928

Redirect headers

date
Tue, 27 Dec 2022 03:35:40 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://megaup.net
location
/hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.4032087969011324&e=728x90_0%3A728x90%2C970x90%2C1600x1200%2C468x60%2C320x100%2C320x50%2C300x100&ur=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-928
prebid
prebid.media.net/rtb/ Frame 9390
1 KB
687 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9aa67a075af1be632b4c8a8fdd774ca2385e6117debdf955d0a01b38e95544dc

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:40 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://megaup.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 27 Dec 2022 03:35:40 GMT
bundle.js
ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/ Frame E485
170 KB
54 KB
Script
General
Full URL
https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 15:41:41 GMT
content-encoding
gzip
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 15:38:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1598040
etag
"dc17b3dc9f345ba38045deae8cd83a33"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
55196
x-amz-cf-id
jalUe7xPKUq9GZIxXPU9rwjexnocq0CFJh4_RlnPSXieRU-mHUf2Gg==
winner
api.purpleads.io/x/a/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/winner?ts=1672112140645
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
POST
Origin
https://megaup.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:40 GMT
x-request-id
b94568e8-cda8-40d0-b013-b6354e7d2a74
i
api.purpleads.io/x/a/be2f208ab5b41704b7fe69536c88486e:386452ef3151b57ec6db069cbe3e65e5db1e0f00905904dae067cc10a4f95e2daab685beb3615d418bd8a8062f9c658dca814d53f35037fb85d88697d871feb9ebea6e25030ba2e... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/be2f208ab5b41704b7fe69536c88486e:386452ef3151b57ec6db069cbe3e65e5db1e0f00905904dae067cc10a4f95e2daab685beb3615d418bd8a8062f9c658dca814d53f35037fb85d88697d871feb9ebea6e25030ba2e660b525f6e45b2e72135f819dfdd9a86881633704813f62f4c7db26bf813c07fe7ed6873cb476cc90652eaed85ecd0fd5f543e8a7e4dcb9fdd52752cf66a587d7886f874d720e2a22/i?id=55809623-c667-49d5-828e-0834c6ab6e2c&ts=1672112140646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://megaup.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:40 GMT
x-request-id
31ddb3ab-afb4-48da-b7ea-d71d52d622bb
winner
api.purpleads.io/x/a/ Frame F5D3
0
0
Fetch
General
Full URL
https://api.purpleads.io/x/a/winner?ts=1672112140645
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly9tZWdhdXAubmV0LzFKRnNnP3B0PTdiYW1ZMiUyRmpwWWZZcE8lMkZsQVFZczUlMkZzOE84ZXlWVFZOdUR2ZnVzdWQwbTglM0Q=
accept-language
de-DE,de;q=0.9
Authorization
Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://megaup.net/
x-purpleads-version
2.3.7

Response headers

access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:40 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
38ce89e2-8fc5-41a3-a99a-380e1e5c9d6b
i
api.purpleads.io/x/a/be2f208ab5b41704b7fe69536c88486e:386452ef3151b57ec6db069cbe3e65e5db1e0f00905904dae067cc10a4f95e2daab685beb3615d418bd8a8062f9c658dca814d53f35037fb85d88697d871feb9ebea6e25030ba2e... Frame F5D3
0
0
Fetch
General
Full URL
https://api.purpleads.io/x/a/be2f208ab5b41704b7fe69536c88486e:386452ef3151b57ec6db069cbe3e65e5db1e0f00905904dae067cc10a4f95e2daab685beb3615d418bd8a8062f9c658dca814d53f35037fb85d88697d871feb9ebea6e25030ba2e660b525f6e45b2e72135f819dfdd9a86881633704813f62f4c7db26bf813c07fe7ed6873cb476cc90652eaed85ecd0fd5f543e8a7e4dcb9fdd52752cf66a587d7886f874d720e2a22/i?id=55809623-c667-49d5-828e-0834c6ab6e2c&ts=1672112140646
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly9tZWdhdXAubmV0LzFKRnNnP3B0PTdiYW1ZMiUyRmpwWWZZcE8lMkZsQVFZczUlMkZzOE84ZXlWVFZOdUR2ZnVzdWQwbTglM0Q=
accept-language
de-DE,de;q=0.9
Authorization
Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://megaup.net/
x-purpleads-version
2.3.7

Response headers

access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:40 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
2e8f2602-25b5-4c0f-87b2-b4031ecc768b
notify
tlx.3lift.com/header/ Frame E485
37 B
183 B
Image
General
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.152&ts=1672112140&aid=40856057513145779109890&ec=3690_62334_11204414&n=GgDyAsMBCAASFzQwODU2MDU3NTEzMTQ1Nzc5MTA5ODkwGAAgASjqHDD%2B5gNAAUgAUABgCmgAcKOAA5ABAJgBAKgBALgBBcABmAHIAc4B8AEA%2BAHOAYACmAGRAgAAAAAAAPA%2FmQKkcD0K16PQP6gCALACAcgCBNgCAPECZmZmZmZm5j%2F4AuE4gAOsAogD%2BgGQAwCYAwCgAwC4A7H9EsgDANIDCDExMjA0NDE04AP3sNw06QMAAAAAAAAAAPADzgH5AwAAAAAAAAAA%2BAIMiAMAkgMEMzk5NZgDAKAD7sERqAMA
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.177.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-177-133.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame E485
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=40856057513145779109890
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
adagio.js
script.4dex.io/ Frame 9390
74 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:40 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZAW0SX4KE1QAQ2TB
Age
311485
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
hliOOr8DW5YbwWYix3euskv5vnly1hZzVKUOF85ZJtAGMXcC9uAOaVHWUs4wYKPM2QLZc9HrXINVIYX6ta6vIQ==
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JB0OsBRqgmvlY1vks%2B%2FAyr36mSt3rUuLcXEoVlIHT%2BrxT%2FE%2BdwjDZhDa1M0Tgx2WmWXWo61Suts%2Bvb2dVks7A1agk9bnxKzbuZmoVCt4Z%2BOS4L55Gt0bMYThQRHgtDywbsQKi3D1IFQj3xYh"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
77ff01ef4e996946-FRA
r
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=40856057513145779109890&rev=2369ca4&pr=un&bc=0.206&bmid=3690&biid=7265&sid=62334&brid=49187&adid=11204414&crid=110565495&ts=1672112140&bcud=206&ss=12&caid=0&unid=0&domain=megaup.net&ref=https%253A%252F%252Fmegaup.net%252F1JFsg%253Fpt%253D7bamY2%25252FjpYfYpO%25252FlAQYs5%25252Fs8O8eyVTVNuDvfusud0m8%25253D&rr=creative&fid=10&rb=0&g=0&cb=92559
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame B692
26 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame E485
3 KB
3 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 08:16:07 GMT
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
69574
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3125
x-amz-cf-id
BxzLSvJurDtJfeBPFBdlqzITEvzExvjWbpJ9H7mdvRXRXwQEB0UjKw==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame E485
3 KB
4 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 07:09:54 GMT
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
73547
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3518
x-amz-cf-id
2vm75Mz_A-PstF4m1NYYUTXjNN8LPZ4Z8ur5xVgm1UOG5o-n3H-StA==
ctar
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=40856057513145779109890&rev=2369ca4&cta_render_method=1&cta_render_text=&cb=29727
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
js
tags.mathtag.com/notify/ Frame 9ADC
2 KB
2 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWW1WaU5qSTRNREl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg2Nzc2NDE1ODcxNDMxODMxMzQvMTEyMDQ0MTQvMTI3ODAzMzYvNjIvazV0Mjk0WkRmdk1ramswOWRnQTYxdHlqS2Z1ZmZUZmhJZjg3QTZTQ0NMTS8xLzYyLzAvMC8yMDM5MjE2LzEzNTg4OTA4NTgvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84Njc3NjQxNTg3MTQzMTgzMTM0L3pyaC8wLzQ0MzkvNTkvOTk5LzI1OC84MC4yNTUuNy4wLzAuMDAwLzE2NzIxMTIxNDAvMTY3MjEyNDc0MC82Mi8xMTc5My8/ifyoiWxPReACodrzakR4rXZUBdM&nodeid=3740&group=zrh&auctionid=8677641587143183134&pbs_auctionid=8677641587143183134&shardkey=8677641587143183134&sid=12780336&cid=11204414&price=0.206&bp=a_cagefj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.38
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
001a9cff1f2ca50854c7b297870988397348542a0b4d54f4030568ce9a84e77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:40 GMT
x-mm-nodeid
3740
Content-Encoding
gzip
x-mm-bid-request-time
1672112140
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Tue, 27 Dec 2022 03:35:40 GMT
Server
MMBD/3.374.2
x-mm-latency
1 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x80, zrh-bidder-x127
x-mm-lag
0
Expires
Tue, 27 Dec 2022 03:35:39 GMT
aop
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=40856057513145779109890&rev=2369ca4&pr=un&bc=0.206&bmid=3690&biid=7265&sid=62334&brid=49187&adid=11204414&crid=110565495&ts=1672112140&bcud=206&ss=12&caid=0&unid=0&domain=megaup.net&ref=https%253A%252F%252Fmegaup.net%252F1JFsg%253Fpt%253D7bamY2%25252FjpYfYpO%25252FlAQYs5%25252Fs8O8eyVTVNuDvfusud0m8%25253D&rr=creative&fid=10&rb=0&g=0&cb=29306
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
eb2.3lift.com/ Frame 0E1E
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?max=10&cb=99814
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 27 Dec 2022 03:35:40 GMT
ev1
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=40856057513145779109890&rev=2369ca4&pr=0.152&bc=0.206&bmid=3690&biid=7265&sid=62334&brid=49187&adid=11204414&crid=110565495&ts=1672112140&bcud=206&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=90077
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
qcnz3il3mbuc
hal9000.redintelligence.net/zone/ Frame 9ADC
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/qcnz3il3mbuc?subid=&gdpr=0&gdpr_consent=&rnd=8677641587143183134&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ss6&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D40856057513145779109890%26mt_aid%3D8677641587143183134%26mt_id%3D11204414%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26mt_cid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26redirect%3D
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
fb4f57cbf955eda0db9ff6e081e7338cadbbf04f9e087644b5e9e2fe3ad67431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2880
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 9ADC
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=8677641587143183134&node_id=3740&exch_id=62
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWW1WaU5qSTRNREl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg2Nzc2NDE1ODcxNDMxODMxMzQvMTEyMDQ0MTQvMTI3ODAzMzYvNjIvazV0Mjk0WkRmdk1ramswOWRnQTYxdHlqS2Z1ZmZUZmhJZjg3QTZTQ0NMTS8xLzYyLzAvMC8yMDM5MjE2LzEzNTg4OTA4NTgvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84Njc3NjQxNTg3MTQzMTgzMTM0L3pyaC8wLzQ0MzkvNTkvOTk5LzI1OC84MC4yNTUuNy4wLzAuMDAwLzE2NzIxMTIxNDAvMTY3MjEyNDc0MC82Mi8xMTc5My8/ifyoiWxPReACodrzakR4rXZUBdM&nodeid=3740&group=zrh&auctionid=8677641587143183134&pbs_auctionid=8677641587143183134&shardkey=8677641587143183134&sid=12780336&cid=11204414&price=0.206&bp=a_cagefj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.38
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x84, zrh-bidder-x127
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 27 Dec 2022 03:35:40 GMT
analytics.js
s.update.mediamathtag.com/2/619621/ Frame 9ADC
7 KB
3 KB
Script
General
Full URL
https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//megaup.net/1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ui=beb62802-0000-0000-0000-000000000000&ap=&ti=8677641587143183134&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&pp=11793&sr=62&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&ai=215543&c1=12780336&r1=80.255.7.0&r2=&r3=
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWW1WaU5qSTRNREl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg2Nzc2NDE1ODcxNDMxODMxMzQvMTEyMDQ0MTQvMTI3ODAzMzYvNjIvazV0Mjk0WkRmdk1ramswOWRnQTYxdHlqS2Z1ZmZUZmhJZjg3QTZTQ0NMTS8xLzYyLzAvMC8yMDM5MjE2LzEzNTg4OTA4NTgvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84Njc3NjQxNTg3MTQzMTgzMTM0L3pyaC8wLzQ0MzkvNTkvOTk5LzI1OC84MC4yNTUuNy4wLzAuMDAwLzE2NzIxMTIxNDAvMTY3MjEyNDc0MC82Mi8xMTc5My8/ifyoiWxPReACodrzakR4rXZUBdM&nodeid=3740&group=zrh&auctionid=8677641587143183134&pbs_auctionid=8677641587143183134&shardkey=8677641587143183134&sid=12780336&cid=11204414&price=0.206&bp=a_cagefj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.38
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4e96692692ab0b89294689963c143828abe89527ea6b8579d6427dad8362c3c4
Security Headers
Strict-Transport-Security
max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
3028
Expires
0
img
pixel.mathtag.com/event/ Frame 9ADC
43 B
403 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=62&v2=8677641587143183134&v3=1262142&v4=12780336&v5=11204414&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWW1WaU5qSTRNREl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg2Nzc2NDE1ODcxNDMxODMxMzQvMTEyMDQ0MTQvMTI3ODAzMzYvNjIvazV0Mjk0WkRmdk1ramswOWRnQTYxdHlqS2Z1ZmZUZmhJZjg3QTZTQ0NMTS8xLzYyLzAvMC8yMDM5MjE2LzEzNTg4OTA4NTgvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84Njc3NjQxNTg3MTQzMTgzMTM0L3pyaC8wLzQ0MzkvNTkvOTk5LzI1OC84MC4yNTUuNy4wLzAuMDAwLzE2NzIxMTIxNDAvMTY3MjEyNDc0MC82Mi8xMTc5My8/ifyoiWxPReACodrzakR4rXZUBdM&nodeid=3740&group=zrh&auctionid=8677641587143183134&pbs_auctionid=8677641587143183134&shardkey=8677641587143183134&sid=12780336&cid=11204414&price=0.206&bp=a_cagefj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.38
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master zrh-pixel-x3 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 27 Dec 2022 03:35:40 GMT
img
tags.mathtag.com/event/ Frame 9ADC
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ss6&bid=8677641587143183134&st=12780336&time=1672112140&nodeid=3740
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWW1WaU5qSTRNREl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg2Nzc2NDE1ODcxNDMxODMxMzQvMTEyMDQ0MTQvMTI3ODAzMzYvNjIvazV0Mjk0WkRmdk1ramswOWRnQTYxdHlqS2Z1ZmZUZmhJZjg3QTZTQ0NMTS8xLzYyLzAvMC8yMDM5MjE2LzEzNTg4OTA4NTgvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84Njc3NjQxNTg3MTQzMTgzMTM0L3pyaC8wLzQ0MzkvNTkvOTk5LzI1OC84MC4yNTUuNy4wLzAuMDAwLzE2NzIxMTIxNDAvMTY3MjEyNDc0MC82Mi8xMTc5My8/ifyoiWxPReACodrzakR4rXZUBdM&nodeid=3740&group=zrh&auctionid=8677641587143183134&pbs_auctionid=8677641587143183134&shardkey=8677641587143183134&sid=12780336&cid=11204414&price=0.206&bp=a_cagefj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.38
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x75, zrh-bidder-x127
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 27 Dec 2022 03:35:40 GMT
bundle.js
ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/ Frame 9A5A
170 KB
54 KB
Script
General
Full URL
https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 15:41:41 GMT
content-encoding
gzip
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 15:38:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1598041
etag
"dc17b3dc9f345ba38045deae8cd83a33"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
55196
x-amz-cf-id
v3VmoESh6FLYE-bDtd_LVmTNn4aqEQgLsFJFelmBXmJZCc_sm6cniw==
winner
api.purpleads.io/x/a/
0
0
Fetch
General
Full URL
https://api.purpleads.io/x/a/winner?ts=1672112141169
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly9tZWdhdXAubmV0LzFKRnNnP3B0PTdiYW1ZMiUyRmpwWWZZcE8lMkZsQVFZczUlMkZzOE84ZXlWVFZOdUR2ZnVzdWQwbTglM0Q=
accept-language
de-DE,de;q=0.9
Authorization
Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://megaup.net/
x-purpleads-version
2.3.7

Response headers

access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:41 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
2f4585d4-2deb-47d2-b8b9-23e35520f6de
i
api.purpleads.io/x/a/488e44e6c7a2da9bd409bbd478b44a92:14f24c6567319ebd327786fb5778d0251d30a7e0e9ce5c5536de95e2d38a12fb1c0cec3af8d064c058eef4d2920821095cbfe3b5cc43948c4637d8a4dcf9973cccc52d910c982ff...
0
0
Fetch
General
Full URL
https://api.purpleads.io/x/a/488e44e6c7a2da9bd409bbd478b44a92:14f24c6567319ebd327786fb5778d0251d30a7e0e9ce5c5536de95e2d38a12fb1c0cec3af8d064c058eef4d2920821095cbfe3b5cc43948c4637d8a4dcf9973cccc52d910c982ff44a9f740bed75c3b628c6b6430368e72a150f4b69355f9d2aad9297ced3a6d11b639f816add1b079416b26d65fb2f042e16cfa59041f7f92494aba131abed0b9f1e0c9b5706e330ab/i?id=4594c693-e08f-467f-8aa6-d7217a930f5e&ts=1672112141170
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly9tZWdhdXAubmV0LzFKRnNnP3B0PTdiYW1ZMiUyRmpwWWZZcE8lMkZsQVFZczUlMkZzOE84ZXlWVFZOdUR2ZnVzdWQwbTglM0Q=
accept-language
de-DE,de;q=0.9
Authorization
Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://megaup.net/
x-purpleads-version
2.3.7

Response headers

access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:41 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
bb54a033-3306-44b9-8e65-d4f7c52be20e
notify
tlx.3lift.com/header/ Frame 9A5A
37 B
183 B
Image
General
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.152&ts=1672112140&aid=6656385724334679980960&ec=3690_62334_11204419&n=GgDyAsEBCAASFjY2NTYzODU3MjQzMzQ2Nzk5ODA5NjAYACABKOocMP7mA0ABSABQAGAKaABwo4ADkAEAmAEAqAEAuAEFwAGYAcgBzgHwAQD4Ac4BgAKYAZECAAAAAAAA8D%2BZAqRwPQrXo9A%2FqAIAsAIByAIE2AIA8QJmZmZmZmbmP%2FgC4TiAA9gFiANakAMAmAMAoAMAuAOx%2FRLIAwDSAwgxMTIwNDQxOeADwrDcNOkDAAAAAAAAAADwA84B%2BQMAAAAAAAAAAPgCDIgDAJIDBDM5OTWYAwCgA%2B7BEagDAA%3D%3D
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.177.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-177-133.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 9A5A
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=6656385724334679980960
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
winner
api.purpleads.io/x/a/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/winner?ts=1672112141169
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
POST
Origin
https://megaup.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:41 GMT
x-request-id
de825969-c473-4d07-85c2-ef33f93c7e28
i
api.purpleads.io/x/a/488e44e6c7a2da9bd409bbd478b44a92:14f24c6567319ebd327786fb5778d0251d30a7e0e9ce5c5536de95e2d38a12fb1c0cec3af8d064c058eef4d2920821095cbfe3b5cc43948c4637d8a4dcf9973cccc52d910c982ff... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/488e44e6c7a2da9bd409bbd478b44a92:14f24c6567319ebd327786fb5778d0251d30a7e0e9ce5c5536de95e2d38a12fb1c0cec3af8d064c058eef4d2920821095cbfe3b5cc43948c4637d8a4dcf9973cccc52d910c982ff44a9f740bed75c3b628c6b6430368e72a150f4b69355f9d2aad9297ced3a6d11b639f816add1b079416b26d65fb2f042e16cfa59041f7f92494aba131abed0b9f1e0c9b5706e330ab/i?id=4594c693-e08f-467f-8aa6-d7217a930f5e&ts=1672112141170
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.229.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-229-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://megaup.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://megaup.net
date
Tue, 27 Dec 2022 03:35:41 GMT
x-request-id
c0351b4e-1f92-48d0-8cbe-2019e335b3b0
r
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=6656385724334679980960&rev=2369ca4&pr=un&bc=0.206&bmid=3690&biid=7265&sid=62334&brid=49187&adid=11204419&crid=110565442&ts=1672112140&bcud=206&ss=12&caid=0&unid=0&domain=megaup.net&ref=https%253A%252F%252Fmegaup.net%252F1JFsg%253Fpt%253D7bamY2%25252FjpYfYpO%25252FlAQYs5%25252Fs8O8eyVTVNuDvfusud0m8%25253D&rr=creative&fid=10&rb=0&g=0&cb=56595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 9A5A
3 KB
3 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 08:16:07 GMT
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
69575
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3125
x-amz-cf-id
83DMokCVdBgbWtlkc2i-5owDU6Em5LAjM7HVuHtlpzDTyLkWEjlRfw==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 9A5A
3 KB
4 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 07:09:54 GMT
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
73548
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3518
x-amz-cf-id
xN-w8bWpizggy_E-XQHmGbkcOrNSE7j93wRlD7Z-DHbakG8oDaEExw==
truncated
/ Frame 1E44
26 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
ctar
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=6656385724334679980960&rev=2369ca4&cta_render_method=1&cta_render_text=&cb=93645
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
js
tags.mathtag.com/notify/ Frame 09A0
2 KB
2 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWW1WaU5qSTRNREl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwNzE5MTA1NDg5NTI1NTkwMy8xMTIwNDQxOS8xMjc4MDMzNi82Mi9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFycVNxUDNpZmp4UXlJZ1ZPc0lpb1N3LzEvNjIvMC8wLzIwMzkyMTYvMTM1ODg5MDg1OC8yMTU1NDMvMTI2MjE0Mi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwNzE5MTA1NDg5NTI1NTkwMy96cmgvMC80NDQxLzU5Lzk5OS8yNTgvODAuMjU1LjcuMC8wLjAwMC8xNjcyMTEyMTQwLzE2NzIxMjQ3NDAvNjIvMTE3OTMv/8FH3VQ-WTNOqrqmfM1_DxfP5q_Q&nodeid=3740&group=zrh&auctionid=607191054895255903&pbs_auctionid=607191054895255903&shardkey=607191054895255903&sid=12780336&cid=11204419&price=0.206&bp=a_cagefj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.139
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
cb04b7a440abbf9eca18bdf49cc8cc21c67fa4ada8912c2a2c6b71b8234c75cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
x-mm-nodeid
3740
x-mm-handled-by-owner
true
x-mm-bid-request-time
1672112140
Last-Modified
Tue, 27 Dec 2022 03:35:40 GMT
Server
MMBD/3.374.2
Content-Encoding
gzip
x-mm-latency
2 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x83, zrh-bidder-x127
Connection
close
x-mm-lag
1
Expires
Tue, 27 Dec 2022 03:35:40 GMT
aop
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=6656385724334679980960&rev=2369ca4&pr=un&bc=0.206&bmid=3690&biid=7265&sid=62334&brid=49187&adid=11204419&crid=110565442&ts=1672112140&bcud=206&ss=12&caid=0&unid=0&domain=megaup.net&ref=https%253A%252F%252Fmegaup.net%252F1JFsg%253Fpt%253D7bamY2%25252FjpYfYpO%25252FlAQYs5%25252Fs8O8eyVTVNuDvfusud0m8%25253D&rr=creative&fid=10&rb=0&g=0&cb=49260
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
eb2.3lift.com/ Frame 249B
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?max=10&cb=89258
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 27 Dec 2022 03:35:41 GMT
ev1
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=6656385724334679980960&rev=2369ca4&pr=0.152&bc=0.206&bmid=3690&biid=7265&sid=62334&brid=49187&adid=11204419&crid=110565442&ts=1672112140&bcud=206&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=24373
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
request.php
hal900022.redintelligence.net/ Frame 9ADC
Redirect Chain
  • https://hal900022.redintelligence.net/request.php?zone=qcnz3il3mbuc&nw=20&renderingType=javascript&namespace=837b3e71eb&subid=&uid=0073388b34dbe938&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900022.redintelligence.net/request.php?zone=qcnz3il3mbuc&nw=20&renderingType=javascript&namespace=837b3e71eb&subid=&uid=0073388b34dbe938&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
937 B
Script
General
Full URL
https://hal900022.redintelligence.net/request.php?zone=qcnz3il3mbuc&nw=20&renderingType=javascript&namespace=837b3e71eb&subid=&uid=0073388b34dbe938&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D40856057513145779109890%26mt_aid%3D8677641587143183134%26mt_id%3D11204414%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26mt_cid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26redirect%3D&documentReferer=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ancestorOrigins=https%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net&random=5095880263405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
HTTP/1.1
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
851be05f20e974f186b6b5d6d2bac886446f4b83b31d3d4e9952526d98ddeed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
38849600012927306783187012186022
Connection
close
Content-Length
331
Expires
Tue, 27 Dec 2022 03:35:41 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:41 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=qcnz3il3mbuc&nw=20&renderingType=javascript&namespace=837b3e71eb&subid=&uid=0073388b34dbe938&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D40856057513145779109890%26mt_aid%3D8677641587143183134%26mt_id%3D11204414%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26mt_cid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26redirect%3D&documentReferer=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ancestorOrigins=https%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net&random=5095880263405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 27 Dec 2022 03:35:41 +0100
y39eto6m2jel
hal9000.redintelligence.net/zone/ Frame 09A0
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=0&gdpr_consent=&rnd=607191054895255903&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ss6&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D6656385724334679980960%26mt_aid%3D607191054895255903%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26mt_cid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26redirect%3D
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
b294511bf3671949ac936112c4ef28571437670b72d5b93b3013b37bcb1fb1d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2876
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
analytics.js
s.update.mediamathtag.com/2/619621/ Frame 09A0
7 KB
3 KB
Script
General
Full URL
https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//megaup.net/1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ui=beb62802-0000-0000-0000-000000000000&ap=&ti=607191054895255903&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&pp=11793&sr=62&de=43003&si=9121999&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=80.255.7.0&r2=&r3=
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWW1WaU5qSTRNREl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwNzE5MTA1NDg5NTI1NTkwMy8xMTIwNDQxOS8xMjc4MDMzNi82Mi9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFycVNxUDNpZmp4UXlJZ1ZPc0lpb1N3LzEvNjIvMC8wLzIwMzkyMTYvMTM1ODg5MDg1OC8yMTU1NDMvMTI2MjE0Mi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwNzE5MTA1NDg5NTI1NTkwMy96cmgvMC80NDQxLzU5Lzk5OS8yNTgvODAuMjU1LjcuMC8wLjAwMC8xNjcyMTEyMTQwLzE2NzIxMjQ3NDAvNjIvMTE3OTMv/8FH3VQ-WTNOqrqmfM1_DxfP5q_Q&nodeid=3740&group=zrh&auctionid=607191054895255903&pbs_auctionid=607191054895255903&shardkey=607191054895255903&sid=12780336&cid=11204419&price=0.206&bp=a_cagefj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f6c3ea3a8d3c858c2f37d100745f1e855bb79d29ecfc94bc1e5e073fc7a2e7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
3023
Expires
0
img
pixel.mathtag.com/event/ Frame 09A0
43 B
404 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=62&v2=607191054895255903&v3=1262142&v4=12780336&v5=11204419&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWW1WaU5qSTRNREl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwNzE5MTA1NDg5NTI1NTkwMy8xMTIwNDQxOS8xMjc4MDMzNi82Mi9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFycVNxUDNpZmp4UXlJZ1ZPc0lpb1N3LzEvNjIvMC8wLzIwMzkyMTYvMTM1ODg5MDg1OC8yMTU1NDMvMTI2MjE0Mi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwNzE5MTA1NDg5NTI1NTkwMy96cmgvMC80NDQxLzU5Lzk5OS8yNTgvODAuMjU1LjcuMC8wLjAwMC8xNjcyMTEyMTQwLzE2NzIxMjQ3NDAvNjIvMTE3OTMv/8FH3VQ-WTNOqrqmfM1_DxfP5q_Q&nodeid=3740&group=zrh&auctionid=607191054895255903&pbs_auctionid=607191054895255903&shardkey=607191054895255903&sid=12780336&cid=11204419&price=0.206&bp=a_cagefj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master zrh-pixel-x10 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x10 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 27 Dec 2022 03:35:40 GMT
img
tags.mathtag.com/event/ Frame 09A0
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ss6&bid=607191054895255903&st=12780336&time=1672112141&nodeid=3740
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWW1WaU5qSTRNREl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwNzE5MTA1NDg5NTI1NTkwMy8xMTIwNDQxOS8xMjc4MDMzNi82Mi9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFycVNxUDNpZmp4UXlJZ1ZPc0lpb1N3LzEvNjIvMC8wLzIwMzkyMTYvMTM1ODg5MDg1OC8yMTU1NDMvMTI2MjE0Mi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwNzE5MTA1NDg5NTI1NTkwMy96cmgvMC80NDQxLzU5Lzk5OS8yNTgvODAuMjU1LjcuMC8wLjAwMC8xNjcyMTEyMTQwLzE2NzIxMjQ3NDAvNjIvMTE3OTMv/8FH3VQ-WTNOqrqmfM1_DxfP5q_Q&nodeid=3740&group=zrh&auctionid=607191054895255903&pbs_auctionid=607191054895255903&shardkey=607191054895255903&sid=12780336&cid=11204419&price=0.206&bp=a_cagefj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x26, zrh-bidder-x127
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 27 Dec 2022 03:35:40 GMT
js
sync.mathtag.com/sync/ Frame 09A0
1 KB
1 KB
Script
General
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWW1WaU5qSTRNREl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwNzE5MTA1NDg5NTI1NTkwMy8xMTIwNDQxOS8xMjc4MDMzNi82Mi9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFycVNxUDNpZmp4UXlJZ1ZPc0lpb1N3LzEvNjIvMC8wLzIwMzkyMTYvMTM1ODg5MDg1OC8yMTU1NDMvMTI2MjE0Mi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwNzE5MTA1NDg5NTI1NTkwMy96cmgvMC80NDQxLzU5Lzk5OS8yNTgvODAuMjU1LjcuMC8wLjAwMC8xNjcyMTEyMTQwLzE2NzIxMjQ3NDAvNjIvMTE3OTMv/8FH3VQ-WTNOqrqmfM1_DxfP5q_Q&nodeid=3740&group=zrh&auctionid=607191054895255903&pbs_auctionid=607191054895255903&shardkey=607191054895255903&sid=12780336&cid=11204419&price=0.206&bp=a_cagefj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 277 3f0ad7a master zrh-pixel-x25 config:1.0.0 /
Resource Hash
ea912ca3883cb94101c4ece680054ef8c5bbcabd9e7f309cca92394d2c65a9e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Content-Encoding
gzip
Server
MT3 277 3f0ad7a master zrh-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
close
Expires
Tue, 27 Dec 2022 03:35:40 GMT
request.php
hal900010.redintelligence.net/ Frame 09A0
611 B
937 B
Script
General
Full URL
https://hal900010.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=630216b7bc&subid=&uid=a492f9b69dd64fea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D6656385724334679980960%26mt_aid%3D607191054895255903%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26mt_cid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26redirect%3D&documentReferer=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ancestorOrigins=https%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net&random=1182407558130&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=0&gdpr_consent=&rnd=607191054895255903&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ss6&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D6656385724334679980960%26mt_aid%3D607191054895255903%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26mt_cid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
66c52c32eef6ba86d195a491ec9d75e8af4795f365e3402626e7063395ddceb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
15142500009392906783183012186010
Connection
close
Content-Length
331
Expires
Tue, 27 Dec 2022 03:35:41 +0100
NmhSMVcZVzFCamEgOQUNYxw6YgZOMDRcI3opFHNhVD0TfA9uUHRFPlJVagNiD1ljFydfDG8CZRAbJlAjQxtvA2cGXXRYOVAHbwNnBl5iAWIDUHcGFF4cJkEkE1sTFGVwTWB3IFMKIlg0XUUxVTkYG2EfIkVFJVQkQkVgHzZbCSheOVcfIR80WQV3AxFRDSZdNl8Mf...
othdgemanow.xyz/
0
394 B
Ping
General
Full URL
https://othdgemanow.xyz/NmhSMVcZVzFCamEgOQUNYxw6YgZOMDRcI3opFHNhVD0TfA9uUHRFPlJVagNiD1ljFydfDG8CZRAbJlAjQxtvA2cGXXRYOVAHbwNnBl5iAWIDUHcGFF4cJkEkE1sTFGVwTWB3IFMKIlg0XUUxVTkYG2EfIkVFJVQkQkVgHzZbCSheOVcfIR80WQV3AxFRDSZdNl8MfFsnUw93BhRYHT5dcgErawhgBV5gAWMGWWcGYQdcawFgEB5vAXkORmMEeQZOJwxmAFxlA2MCUWIIYAVcYgZlEBwiUDALWXRBI0IEbwBhAVpjAGUHXGMEZwY
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL%2BC0ayIrc4WYPXu6TAGZyTZBis4K1U4UFG%2BRRoYiLN3S8IPUfAw1vGaJyAqrmAV7COruh6OtRvVjRDUSpzvFbs8gDXMrq9ieF0i9BXhKDaoOZIKT5xei%2Bum9pQdHvpxOpE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
77ff01f478a2bb8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/
0
0

request_content.php
hal900022.redintelligence.net/ Frame 755A
7 KB
3 KB
Document
General
Full URL
https://hal900022.redintelligence.net/request_content.php?s=38849600012927306783187012186022&a=447bf651
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=qcnz3il3mbuc&nw=20&renderingType=javascript&namespace=837b3e71eb&subid=&uid=0073388b34dbe938&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D40856057513145779109890%26mt_aid%3D8677641587143183134%26mt_id%3D11204414%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26mt_cid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26redirect%3D&documentReferer=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ancestorOrigins=https%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net&random=5095880263405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
61e6adb92dfa31cf72c265a21abf252f146272d2d430e6c45acac9ff9d6b41d4

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2297
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Dec 2022 03:35:41 GMT
Expires
Tue, 27 Dec 2022 03:35:41 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/ Frame 9ADC
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/postback?oz_pl=1&ti=8677641587143183134&sr=62&r3=&ci=619621&pd=avt&ap=&c1=12780336&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&dt=6196211556140246740000&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&r1=80.255.7.0&ai=215543&r2=&ui=beb62802-0000-0000-0000-000000000000&pp=11793&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//megaup.net/1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ui=beb62802-0000-0000-0000-000000000000&ap=&ti=8677641587143183134&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&pp=11793&sr=62&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&ai=215543&c1=12780336&r1=80.255.7.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.mediamathtag.com/2/2.87.1/ Frame 9ADC
171 KB
54 KB
Script
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/main.js
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//megaup.net/1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ui=beb62802-0000-0000-0000-000000000000&ap=&ti=8677641587143183134&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&pp=11793&sr=62&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&ai=215543&c1=12780336&r1=80.255.7.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c80196cf0e91f54b3344d2552774499268d7ecb47d352097198da0401d6db93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
54838
Expires
Fri, 04 Sep 2054 05:21:40 GMT
truncated
/ Frame 3AD2
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3AD2
814 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/ Frame 3AD2
9 KB
10 KB
Image
General
Full URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.81.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:43 GMT
Last-Modified
Thu, 25 Jun 2020 08:18:14 GMT
Server
AmazonS3
x-amz-request-id
24WQ7EAT67NQHK4T
ETag
"e73bda30c82b74c32e5f03e4ed4e4bb1"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
9313
x-amz-id-2
trjv45xdmHixE9QlNtE9V8zvt5h/8pBS+W1zJ/P66Xmdvv0oUqzcfZ+ge70z9NI2/DNCyaySLHY6XolFJXvapw==
x-amz-meta-s3b-last-modified
20200625T081632Z
request_content.php
hal900010.redintelligence.net/ Frame 1230
7 KB
3 KB
Document
General
Full URL
https://hal900010.redintelligence.net/request_content.php?s=15142500009392906783183012186010&a=7f612215
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=630216b7bc&subid=&uid=a492f9b69dd64fea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D6656385724334679980960%26mt_aid%3D607191054895255903%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26mt_cid%3D377c63aa-680c-4501-a5a9-b7f2240d91e0%26redirect%3D&documentReferer=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ancestorOrigins=https%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net%2Chttps%3A%2F%2Fmegaup.net&random=1182407558130&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
868dad5678ad53acb8fd15f75ddaa361cc6fcb3bf60c17922ba3474beb9bd2b8

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2290
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Dec 2022 03:35:41 GMT
Expires
Tue, 27 Dec 2022 03:35:41 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
iframe
sync.mathtag.com/sync/ Frame 61E7
711 B
794 B
Document
General
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=377c63aa-680c-4501-a5a9-b7f2240d91e0&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 277 3f0ad7a master zrh-pixel-x24 config:1.0.0 /
Resource Hash
68285c4613c71671bdf44ebf48eada0a036ce78b3b7cd36acf3333f840e20c7d

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 27 Dec 2022 03:35:41 GMT
Expires
Tue, 27 Dec 2022 03:35:40 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master zrh-pixel-x24 config:1.0.0
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/ Frame 09A0
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/postback?oz_pl=1&si=9121999&pd=avt&ap=&ti=607191054895255903&pp=11793&ai=215543&r1=80.255.7.0&r3=&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&sr=62&de=43003&dm=728x90&dt=6196211556140246740000&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&ac=1262142&ci=619621&ui=beb62802-0000-0000-0000-000000000000&cr=11204419&c1=12780336&r2=&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//megaup.net/1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ui=beb62802-0000-0000-0000-000000000000&ap=&ti=607191054895255903&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&pp=11793&sr=62&de=43003&si=9121999&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=80.255.7.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.mediamathtag.com/2/2.87.1/ Frame 09A0
171 KB
54 KB
Script
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/main.js
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//megaup.net/1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ui=beb62802-0000-0000-0000-000000000000&ap=&ti=607191054895255903&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&pp=11793&sr=62&de=43003&si=9121999&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=80.255.7.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c80196cf0e91f54b3344d2552774499268d7ecb47d352097198da0401d6db93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
54838
Expires
Fri, 04 Sep 2054 05:21:40 GMT
img
sync.mathtag.com/comp/ Frame 09A0
0
504 B
Image
General
Full URL
https://sync.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 277 3f0ad7a master zrh-pixel-x7 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x7 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 27 Dec 2022 03:35:40 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 755A
89 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=38849600012927306783187012186022&a=447bf651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 21:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:00:52 GMT
/
track.adform.net/adfscript/ Frame 755A
732 B
923 B
Script
General
Full URL
https://track.adform.net/adfscript/?bn=60271190;click=https://hal900022.redintelligence.net/c/patf7a99cgaaug0?tprd=
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=38849600012927306783187012186022&a=447bf651
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
67ab7096b5991ba7642fca6bc39a56e77a9842fc71ab4d15d948f99dee7c0616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
531
expires
-1
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/ Frame 9ADC
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/postback?oz_pl=1&ti=8677641587143183134&sr=62&r3=&ci=619621&pd=avt&ap=&c1=12780336&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&dt=6196211556140246740000&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&r1=80.255.7.0&ai=215543&r2=&ui=beb62802-0000-0000-0000-000000000000&pp=11793&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//megaup.net/1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ui=beb62802-0000-0000-0000-000000000000&ap=&ti=8677641587143183134&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&pp=11793&sr=62&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&ai=215543&c1=12780336&r1=80.255.7.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 1230
89 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=15142500009392906783183012186010&a=7f612215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 21:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:00:52 GMT
/
track.adform.net/adfscript/ Frame 1230
732 B
925 B
Script
General
Full URL
https://track.adform.net/adfscript/?bn=60271195;click=https://hal900010.redintelligence.net/c/pdq52wcpeqriqru?tprd=
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=15142500009392906783183012186010&a=7f612215
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c85a693026abb594e8a67367b38a2f18dba9f63e579d9fe2d319619f73c4f229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
532
expires
-1
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/ Frame 9ADC
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/postback?ti=8677641587143183134&sr=62&r3=&ci=619621&pd=avt&ap=&c1=12780336&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&dt=6196211556140246740000&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&r1=80.255.7.0&ai=215543&r2=&ui=beb62802-0000-0000-0000-000000000000&pp=11793&sid=AbhjeUoXEAEhib1e&oz_sc=04342fe1bc610781a17e5774&oz_df=1672112141794&oz_l=265&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/ Frame 09A0
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/postback?oz_pl=1&si=9121999&pd=avt&ap=&ti=607191054895255903&pp=11793&ai=215543&r1=80.255.7.0&r3=&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&sr=62&de=43003&dm=728x90&dt=6196211556140246740000&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&ac=1262142&ci=619621&ui=beb62802-0000-0000-0000-000000000000&cr=11204419&c1=12780336&r2=&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//megaup.net/1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&ui=beb62802-0000-0000-0000-000000000000&ap=&ti=607191054895255903&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&pp=11793&sr=62&de=43003&si=9121999&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=80.255.7.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
img
sync.mathtag.com/comp/ Frame 61E7
0
505 B
Image
General
Full URL
https://sync.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=377c63aa-680c-4501-a5a9-b7f2240d91e0&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 277 3f0ad7a master zrh-pixel-x13 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=377c63aa-680c-4501-a5a9-b7f2240d91e0&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x13 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 27 Dec 2022 03:35:40 GMT
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/ Frame 09A0
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/postback?si=9121999&pd=avt&ap=&ti=607191054895255903&pp=11793&ai=215543&r1=80.255.7.0&r3=&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&sr=62&de=43003&dm=728x90&dt=6196211556140246740000&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&ac=1262142&ci=619621&ui=beb62802-0000-0000-0000-000000000000&cr=11204419&c1=12780336&r2=&sid=AbhjeUsCEAFNPAod&oz_sc=1ed7fc89f8d772136890b070&oz_df=1672112141861&oz_l=265&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ev
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=40856057513145779109890&rev=2369ca4&pr=0.152&bc=0.206&bmid=3690&biid=7265&sid=62334&brid=49187&adid=11204414&crid=110565495&ts=1672112140&bcud=206&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=38042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
viewability
hal900022.redintelligence.net/ Frame 755A
0
150 B
Script
General
Full URL
https://hal900022.redintelligence.net/viewability?s=38849600012927306783187012186022&a=2cecedd2&vb=m
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=38849600012927306783187012186022&a=447bf651
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/request_content.php?s=38849600012927306783187012186022&a=447bf651
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:41 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
3aa08941-d2fe-4e2e-8046-8cc3d44861ca
https://megaup.net/ Frame FE77
185 B
0
Other
General
Full URL
blob:https://megaup.net/3aa08941-d2fe-4e2e-8046-8cc3d44861ca
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 755A
34 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60271190;click=https://hal900022.redintelligence.net/c/patf7a99cgaaug0?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 28 Dec 2022 06:32:00 GMT
viewability
hal900010.redintelligence.net/ Frame 1230
0
150 B
Script
General
Full URL
https://hal900010.redintelligence.net/viewability?s=15142500009392906783183012186010&a=74e7c1ac&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=15142500009392906783183012186010&a=7f612215
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=15142500009392906783183012186010&a=7f612215
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:42 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 1230
34 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60271195;click=https://hal900010.redintelligence.net/c/pdq52wcpeqriqru?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 28 Dec 2022 06:32:00 GMT
88e3b6eb-6375-40bb-8205-bbaf7be06864
https://megaup.net/ Frame F227
185 B
0
Other
General
Full URL
blob:https://megaup.net/88e3b6eb-6375-40bb-8205-bbaf7be06864
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/ Frame 9ADC
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/postback?ti=8677641587143183134&sr=62&r3=&ci=619621&pd=avt&ap=&c1=12780336&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&dt=6196211556140246740000&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&r1=80.255.7.0&ai=215543&r2=&ui=beb62802-0000-0000-0000-000000000000&pp=11793&sid=AbhjeUoXEAEhib1e&oz_sc=04342fe1bc610781a17e5774&oz_df=1672112142034&oz_l=4847&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/ Frame 09A0
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/postback?si=9121999&pd=avt&ap=&ti=607191054895255903&pp=11793&ai=215543&r1=80.255.7.0&r3=&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&sr=62&de=43003&dm=728x90&dt=6196211556140246740000&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&ac=1262142&ci=619621&ui=beb62802-0000-0000-0000-000000000000&cr=11204419&c1=12780336&r2=&sid=AbhjeUsCEAFNPAod&oz_sc=1ed7fc89f8d772136890b070&oz_df=1672112142064&oz_l=4982&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
/
track.adform.net/adfserve/ Frame 755A
4 KB
3 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=60271190;click=https://hal900022.redintelligence.net/c/patf7a99cgaaug0?tprd=;js=1;adfxid=1x;3396;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fmegaup.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
74db148ad1ce5c7b02e7a8a641bd135462ed3f1d2e0635475bfa8f2011b3fb85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2083
expires
-1
/
track.adform.net/adfserve/ Frame 1230
4 KB
3 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=60271195;click=https://hal900010.redintelligence.net/c/pdq52wcpeqriqru?tprd=;js=1;adfxid=1x;5162;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fmegaup.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7b11a6d08318874864fb5045212226d7574bf3ec19b8904408684469d7f01aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2073
expires
-1
truncated
/ Frame 755A
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 1230
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/ Frame 9ADC
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/postback?ti=8677641587143183134&sr=62&r3=&ci=619621&pd=avt&ap=&c1=12780336&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&dt=6196211556140246740000&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&r1=80.255.7.0&ai=215543&r2=&ui=beb62802-0000-0000-0000-000000000000&pp=11793&sid=AbhjeUoXEAEhib1e&oz_sc=04342fe1bc610781a17e5774&oz_df=1672112142187&oz_l=3632&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 755A
90 KB
39 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 28 Dec 2022 06:26:32 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 1230
90 KB
39 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 28 Dec 2022 06:26:32 GMT
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/ Frame 09A0
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/postback?si=9121999&pd=avt&ap=&ti=607191054895255903&pp=11793&ai=215543&r1=80.255.7.0&r3=&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&sr=62&de=43003&dm=728x90&dt=6196211556140246740000&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&ac=1262142&ci=619621&ui=beb62802-0000-0000-0000-000000000000&cr=11204419&c1=12780336&r2=&sid=AbhjeUsCEAFNPAod&oz_sc=1ed7fc89f8d772136890b070&oz_df=1672112142218&oz_l=3674&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ev
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=6656385724334679980960&rev=2369ca4&pr=0.152&bc=0.206&bmid=3690&biid=7265&sid=62334&brid=49187&adid=11204419&crid=110565442&ts=1672112140&bcud=206&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=68437
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
/
track.adform.net/csimpr/ Frame 755A
35 B
478 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=60271190&csi=pjWee8lnLD1Jn42stmwxYdhmvhsz0Bm3CD64vXc-v-PrygPkIxxfk5iAiKr-9T7iBzaNwqfS4aVj-Xh05VKVLt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900022.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900022.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
12153721.js
s1.adform.net/Banners/Elements/Files/160090/12153721/ Frame 43B4
3 KB
1 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/12153721.js?ADFassetID=12153721&bv=516
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7c407ab078a5e62b3a0002b22ebe856e96774039899296b2c7216a96f1b93c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx00000659fc93f242d19b1-0063aa5fb2-32941e2b-default
etag
W/"9cebbfd6cdb5c5a8e5c5c82b0266e441"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/csimpr/ Frame 1230
35 B
478 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=60271195&csi=IjDjmkeFYHpusSf4-3VhhtrnV4ZtH_8_CD64vXc-v-PrygPkIxxfk62ZZK_-nZilxexl05sNUmAyWJvUeXw5296vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900010.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900010.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
12153723.js
s1.adform.net/Banners/Elements/Files/160090/12153723/ Frame 8D0B
3 KB
1 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/12153723.js?ADFassetID=12153723&bv=516
Requested by
Host: megaup.net
URL: https://megaup.net/1JFsg?pt=7bamY2%2FjpYfYpO%2FlAQYs5%2Fs8O8eyVTVNuDvfusud0m8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3333a0f8f104b7986ea461b270b4eed8e66022d379dad3067b7156d8dfabeb3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx0000036848f3a979d11a0-0063aa4dbb-32941e2b-default
etag
W/"bb7571baa31c395d64904fd014b94179"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
screen.css
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
1 KB
926 B
Stylesheet
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
019103fea0259fd6234019bc1ba4e46161ec1e1f02bb9f45c8dc9e0a271e422b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx00000a0d2d8fae1fd9a0f-0063aa5fb2-329373d4-default
etag
W/"52f0d8979aadaeac39379ed36c89d0ea"
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 43B4
30 KB
14 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx0000092b7bf2d6ff3edb0-0063765dc3-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
106 B
433 B
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9c454254e41f5ff111583251f149649ebfe67a36438522efafa11630d60cb9dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx0000070913f8c5d82ffd2-0063aa5fb2-3293aae9-default
etag
"c86209959b9da29b209c3d5bcac3ca3f"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
106
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
6 KB
6 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4d424d6633502b4eb28356c60bba0d002a8456df0de6b6cc41e3abd01eef8182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx000004a2212d85d7f8eb8-0063aa5fb2-32940f80-default
etag
"33319a97f1f459e980aa054fa41e33e9"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6228
text0.png
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
5 KB
5 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/text0.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8b88ca4a987d6c5299031cb992fda2ef3b2ea67f56b3daa754b3ff65459f7f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx00000fedc56b4ec1386e0-0063aa5fb2-329354d9-default
etag
"0a87c58bcbafb5da609bf6bc76084d25"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5080
text1.png
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
13 KB
14 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
632d063657c6f4c043354f177efe3b31b5d108fc8d67399fcb2437d02ab8699a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx000007491920c2fd25ced-0063aa5fb2-329354d9-default
etag
"92a0baf9e234eccc3dc2a138ecb194e7"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13609
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
5 KB
5 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e242a4418d71693d7d5f18f73911012cb9f4baf849675c301b8dd8621dbf242

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx0000045f9e5ba9acc25c8-0063aa5fb2-3293aae9-default
etag
"77d56ab8cca3347809ee8903c81db10f"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5139
date.png
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
2 KB
2 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7c318bdc0f677a6d3df534a28c1d5294b691bf54e2f97add3466764a30a11da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx000006a3472b789dec4b9-0063aa5fb2-3293aae9-default
etag
"d37b693ea8369e3079ac284ca18e2fd1"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1577
cta.png
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
1 KB
2 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
83936caa82da3ffe2f1ebac8b04282a7adc4db7125f99e2e9a7eed46a7c6bba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx00000af080e5c37affb51-0063aa5fb2-3293868f-default
etag
"e49a85c8c3d6145768d5c91210c7fe2b"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1379
logostart.png
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
5 KB
5 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e8f202084637582b82e40a8ee2976c15a4b7c13d92275a98e015359a35fabd46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx000009832b874730f56d5-0063aa5fb2-329354d9-default
etag
"7af07209f0f6a7d04a2639b2f3ed76c2"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5240
logo.png
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
4 KB
4 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5136f69023fda514b989f357cee8a4470cae950d10d220349c879e2e32021ce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx00000ac6272ca35354a66-0063aa5fb2-3293868f-default
etag
"eb0f3b18e415591b9a5d4d0b6706dd32"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3595
model.jpg
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
53 KB
54 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c81974c7e161ec96cfa17b1ac565067a3d08b2c99a15f40884693c3b1476f109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx00000a3d28b5098292bff-0063aa5fb2-3293868f-default
etag
"fc0e7dfa0e7ddaab9e24ab20479bd5cf"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
54555
background.jpg
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
36 KB
37 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9149d94092ba16ab6876de9392d74aac837f6204d6b51b53b1aceb3c12e1e276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx000004bd69b9d3daba6c4-0063aa5fb2-32940f80-default
etag
"ef3f97507406075a61cbeb2cc3d6ddf1"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
37140
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 43B4
38 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2352843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1q6st%2F3OLcslrWHYlacVhYv4r%2F56gK72F1iECBckM%2BrHAouYWKRW7V6TuVtkj9ATAOgkAZYzh5ua9F7u8RCr2egrNL1YeIJhq0sYCk5RAHT5dxcfwaa1n5LXOsrFS1kbo6uEk%2FvkWv4%2Fd2XFEKrw%2BqC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77ff01fa4e039bd6-FRA
expires
Sun, 17 Dec 2023 03:35:42 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 43B4
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2951728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow0YVgHbZAZp4GGJF8TzgP%2Bly9ICbt%2BeurQX7clkLrdIbdPogU%2F2sJjqAyf01GeLtDdDZZyOIgO7l%2Bm7cUHSf%2BfcpHd9OwDk4tnsJIt9mU9jbrSPwp4fqbwwstZcuU1VwxOyXEfZeO%2FbbdSo3zeq4g3K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77ff01fa4e049bd6-FRA
expires
Sun, 17 Dec 2023 03:35:42 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 43B4
26 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5215310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUEDFeQWc0v2n%2FyXaDikeiabiM9hSMB%2BKBVYdVx6CoSf4lqxJ449vScj10UWR8XJw20Matqo4EC4NpT710aJiVUT8ZP4HwDL5%2BwncLnuIz5p0MXjzaQ40B%2B%2BR5llMFcr7o%2BYqXN9vYb1Y0NxTAkujELP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77ff01fa4e059bd6-FRA
expires
Sun, 17 Dec 2023 03:35:42 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/ Frame 43B4
9 KB
2 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153721/bvpath_516/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7b20d395c268efe3267739b189c0490cd22f82f2c58f79dfb58ea48e9fd9fcb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:42:45 GMT
server
nginx
x-amz-request-id
tx000004952babe877ac85f-0063aa5fb2-3293aae9-default
etag
W/"91b4a6abc30c802b07c11d5b117e7a57"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
screen.css
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
1 KB
941 B
Stylesheet
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f2f998bd4c7061cb0a1e3a01f1f5de7d4f42b2b959a026f544cdc6c7202e02bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx00000289e492cbd339952-0063aa4dbb-329373d4-default
etag
W/"4ff91c739552a99b8c4bc3df2061de76"
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 8D0B
30 KB
14 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx0000092b7bf2d6ff3edb0-0063765dc3-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
103 B
431 B
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx00000858e1995d22d3a3f-0063aa4dbb-329373d4-default
etag
"eeb9c35d55092b02bf5fa183ecd734f8"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
103
text0.png
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
5 KB
5 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/text0.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx00000c3e6b9a131b264f8-0063aa4dbb-329354d9-default
etag
"b40bca9f571a135a168188a0310caad3"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4939
text1.png
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
17 KB
17 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
27752cf786287e6da49294981b9b812b2adb2c02fe6787a9586fa0fdf958998e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx00000e82c56e7cd4d55b3-0063aa4dbb-32940f80-default
etag
"3e53c5da7364a1b87f702a884eb2209a"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17328
text2.png
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
3 KB
3 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
da81576c4fa06d8a13dc4298437df6177081447f202124cf805e196e8c07f0f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx0000077e5bc26b7b21b80-0063aa4dbb-329373d4-default
etag
"aabc0d20f3ffc383038ba1ecca19159d"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2706
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
8 KB
9 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e0c24819276a1c6f8a8cedc925e114763711b86e1adb3bf62e32d5175fb7c4f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx000003d181dda003ff0fa-0063aa4dbb-32941e2b-default
etag
"94a361d8178c08f774ff6fa38aac39ab"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8518
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
6 KB
6 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80f777aa646fd9913d73105a90a336151d9a28142e87764e20ff4b3d9dce4ce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx00000b8e469d454311fc4-0063aa4dbb-32940f80-default
etag
"2163627c7872afe2a6e2ee6a39d09a7f"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5633
date.png
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
6 KB
6 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
aa2e30fb40eef2bdde32441d96a1b671c4a34170ab6de0ace0bc7c45287bcb15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx00000c7a377065b2bd6ff-0063aa4dbb-3293868f-default
etag
"1836ac67581ffb4889612a0dd7669d5b"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6263
cta.png
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
6 KB
6 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
117a5a5b2ea2b5f04f4932c1af5e8e73cc2ad1b9dca13a1fef8a42588e81931f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx0000026a43c363649b48a-0063aa4dbb-329354d9-default
etag
"35ccff836bf68d47ec4c58ea3d3c22d5"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6006
logostart.png
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
5 KB
5 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx000005838de6a1a41e9ba-0063aa4dbb-3293aae9-default
etag
"0539ca6530d6756126aee292b52e0cf8"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4815
logo.png
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
4 KB
4 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx000004942e93aeab1edcc-0063aa4dbb-3293aae9-default
etag
"926213b1f44a9786a29d0fa8b723023f"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3791
model.jpg
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
17 KB
17 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
39ad1ba4e4a887e3dc50f4f0626b2e3e51edd012071fce4d21b5af513a0c5704

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx00000a86b3aa30e03160f-0063aa4dbb-329373d4-default
etag
"190ef16849b6a4a092feef32e9d7558b"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17447
background.jpg
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
17 KB
17 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
39ad1ba4e4a887e3dc50f4f0626b2e3e51edd012071fce4d21b5af513a0c5704

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx0000099c3dfd5ae2b9f20-0063aa4dbb-32941e2b-default
etag
"190ef16849b6a4a092feef32e9d7558b"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17447
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 8D0B
38 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2352843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvaKe1y8020Gpd33TamItHHhurdYg8O8uNWrqxbCjjWjVfMrt2iCM7RNg7dSNRlDAIEqfPc0oqP5A1yjrxyZD%2Btg9E6%2FUG4nKEPr%2BIAG4jCgtTwKNByOKNijNrqyups6CuDB3hUo%2BIh%2FElCU64GQUvl3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77ff01fa4e079bd6-FRA
expires
Sun, 17 Dec 2023 03:35:42 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 8D0B
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2951728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95MJNfK4iDxR%2BToZungRqBH5aXBCZefwuZfTnbwmgyFdCz1Yf7Xqx1%2BqAKOz4t1Mi%2FjlmbxpxSWgB7zu5AsUOCzRUOOmEMlHW9mFiNB5U6XvjHTbkby1yaLiFLBFx3IROgG0j%2BohBR41POe1EikM00YB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77ff01fa4e069bd6-FRA
expires
Sun, 17 Dec 2023 03:35:42 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 8D0B
26 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5215310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FT83XihOQSu8Rr0Qc05X6jDVzRUuRPv3pvXTsJRXtIR1qtp6855dWF13tKJg7vrGDdZFmuihHzrzKowxxsOGLVi7YSffYY4%2B02DWcPZ1zonAk8ROVQ2HQJgIQx4vjAXHedy%2FEdJnPsy0smpzfu28E1%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77ff01fa4e099bd6-FRA
expires
Sun, 17 Dec 2023 03:35:42 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/ Frame 8D0B
9 KB
2 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153723/bvpath_516/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e558b1defefd835e433bed35393b9d560a029a5e656a325d27840cc3d2587fe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:31:17 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:42:46 GMT
server
nginx
x-amz-request-id
tx00000ab04e16c6ec66b79-0063aa4dbb-32941e2b-default
etag
W/"921b0be880dcfcc231e80d970a2248af"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/ Frame 9ADC
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/postback?ti=8677641587143183134&sr=62&r3=&ci=619621&pd=avt&ap=&c1=12780336&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&dt=6196211556140246740000&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&r1=80.255.7.0&ai=215543&r2=&ui=beb62802-0000-0000-0000-000000000000&pp=11793&sid=AbhjeUoXEAEhib1e&oz_sc=04342fe1bc610781a17e5774&oz_df=1672112142387&oz_l=524&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/ Frame 09A0
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/postback?si=9121999&pd=avt&ap=&ti=607191054895255903&pp=11793&ai=215543&r1=80.255.7.0&r3=&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&sr=62&de=43003&dm=728x90&dt=6196211556140246740000&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&ac=1262142&ci=619621&ui=beb62802-0000-0000-0000-000000000000&cr=11204419&c1=12780336&r2=&sid=AbhjeUsCEAFNPAod&oz_sc=1ed7fc89f8d772136890b070&oz_df=1672112142426&oz_l=417&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
872013dc-c5e9-4c90-916c-eafa79bc0f33
https://megaup.net/ Frame 9ADC
802 B
0
Other
General
Full URL
blob:https://megaup.net/872013dc-c5e9-4c90-916c-eafa79bc0f33
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10448ad99ad3f9dc0626df18f1bcf7c64e71f7d0aa66d070304d47fe350d242d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
802
8560cabe-1abe-48e4-b9f6-2b7424d2a662
https://megaup.net/ Frame 09A0
802 B
0
Other
General
Full URL
blob:https://megaup.net/8560cabe-1abe-48e4-b9f6-2b7424d2a662
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10448ad99ad3f9dc0626df18f1bcf7c64e71f7d0aa66d070304d47fe350d242d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
802
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/ Frame 9ADC
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/postback?ti=8677641587143183134&sr=62&r3=&ci=619621&pd=avt&ap=&c1=12780336&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&dt=6196211556140246740000&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&r1=80.255.7.0&ai=215543&r2=&ui=beb62802-0000-0000-0000-000000000000&pp=11793&sid=AbhjeUoXEAEhib1e&oz_sc=04342fe1bc610781a17e5774&oz_df=1672112142548&oz_l=10055&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/ Frame 09A0
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/postback?si=9121999&pd=avt&ap=&ti=607191054895255903&pp=11793&ai=215543&r1=80.255.7.0&r3=&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&sr=62&de=43003&dm=728x90&dt=6196211556140246740000&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&ac=1262142&ci=619621&ui=beb62802-0000-0000-0000-000000000000&cr=11204419&c1=12780336&r2=&sid=AbhjeUsCEAFNPAod&oz_sc=1ed7fc89f8d772136890b070&oz_df=1672112142578&oz_l=10055&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/ Frame 9ADC
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUoXEAEhib1e/postback?ti=8677641587143183134&sr=62&r3=&ci=619621&pd=avt&ap=&c1=12780336&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&de=43003&si=9121999&dm=300x250&ac=1262142&cr=11204414&dt=6196211556140246740000&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&r1=80.255.7.0&ai=215543&r2=&ui=beb62802-0000-0000-0000-000000000000&pp=11793&sid=AbhjeUoXEAEhib1e&oz_sc=04342fe1bc610781a17e5774&oz_df=1672112142713&oz_l=438&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/ Frame 09A0
0
145 B
XHR
General
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbhjeUsCEAFNPAod/postback?si=9121999&pd=avt&ap=&ti=607191054895255903&pp=11793&ai=215543&r1=80.255.7.0&r3=&di=https%3A%2F%2Fmegaup.net%2F1JFsg%3Fpt%3D7bamY2%252FjpYfYpO%252FlAQYs5%252Fs8O8eyVTVNuDvfusud0m8%253D&sr=62&de=43003&dm=728x90&dt=6196211556140246740000&pv=38684a27-ce6b-4fa2-8ef7-22ebdec3b8e6&ac=1262142&ci=619621&ui=beb62802-0000-0000-0000-000000000000&cr=11204419&c1=12780336&r2=&sid=AbhjeUsCEAFNPAod&oz_sc=1ed7fc89f8d772136890b070&oz_df=1672112142731&oz_l=436&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://megaup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
viewability
hal900022.redintelligence.net/ Frame 755A
0
150 B
Script
General
Full URL
https://hal900022.redintelligence.net/viewability?s=38849600012927306783187012186022&a=2cecedd2&vb=v
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=38849600012927306783187012186022&a=447bf651
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/request_content.php?s=38849600012927306783187012186022&a=447bf651
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal900010.redintelligence.net/ Frame 1230
0
150 B
Script
General
Full URL
https://hal900010.redintelligence.net/viewability?s=15142500009392906783183012186010&a=74e7c1ac&vb=v
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=15142500009392906783183012186010&a=7f612215
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=15142500009392906783183012186010&a=7f612215
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8F66
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.181 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-181.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 27 Dec 2022 03:35:43 GMT
ETag
"623de86a-cf34"
Expires
Wed, 28 Dec 2022 03:35:45 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame DA7F
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ddb55401278e4314e2ca586d0b970cd6c2d72076ae2eab8f08ccc5404bb2cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=136940
content-encoding
gzip
content-length
8208
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 03:35:43 GMT
expires
Wed, 28 Dec 2022 17:38:03 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame 0EFA
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ddb55401278e4314e2ca586d0b970cd6c2d72076ae2eab8f08ccc5404bb2cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=136940
content-encoding
gzip
content-length
8208
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 03:35:43 GMT
expires
Wed, 28 Dec 2022 17:38:03 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0987
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.181 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-181.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 27 Dec 2022 03:35:43 GMT
ETag
"623de86a-cf34"
Expires
Wed, 28 Dec 2022 03:35:45 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame C29D
8 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28656
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 26 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
x-amz-cf-id
vQhQzi05fhl6Jj96snx8TdYPANDbfRRTcmCM9Fo01XR0WKDTFH4abA==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame 5892
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ddb55401278e4314e2ca586d0b970cd6c2d72076ae2eab8f08ccc5404bb2cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=136940
content-encoding
gzip
content-length
8208
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 03:35:43 GMT
expires
Wed, 28 Dec 2022 17:38:03 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame 31BC
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 27 Dec 2022 03:35:43 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F34A
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.181 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-181.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 27 Dec 2022 03:35:43 GMT
ETag
"623de86a-cf34"
Expires
Wed, 28 Dec 2022 03:35:45 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
prebid
b1h-euc1.zemanta.com/usersync/ Frame 481E
26 B
151 B
Image
General
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:43 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
us
sync.go.sonobi.com/ Frame 481E
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D03eb6f3e33a62c3c%26uid%3D%24UID&partner=eplanning
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY...
0
498 B
Image
General
Full URL
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MDNlYjZmM2UzM2E2MmMzYyZ1aWQ9dWEtZjdkYjQ2NGEtZDcxNS0zZjE5LTliYTgtYTI3OWFlYTA2NjM5MgISDDgB
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-84
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MDNlYjZmM2UzM2E2MmMzYyZ1aWQ9dWEtZjdkYjQ2NGEtZDcxNS0zZjE5LTliYTgtYTI3OWFlYTA2NjM5MgISDDgB
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
async_usersync
ib.adnxs.com/ Frame 0987
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:43 GMT
AN-X-Request-Uuid
eddb7300-0b9d-4c14-9fd7-b41e2dcfab97
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8F66
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:43 GMT
AN-X-Request-Uuid
24975a59-988b-4762-9884-ed7d8a249786
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/serving/unload/ Frame 755A
35 B
469 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5623776359684793215@@60271190,7392782960902837051,100|1101|0|0|0|0|0|0|0||43|1|||||1|0|0|aQQ7kWHZcL1cPlakbYq96f-2YKSpqE_7rf0v2ifs4zKhRSlFADHHN_L_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900022.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900022.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
async_usersync
ib.adnxs.com/ Frame F34A
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:43 GMT
AN-X-Request-Uuid
5ab20f4d-86fe-4567-aa24-070ae7a01819
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame C900
5 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.223.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-223-13.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
72fd4b945e70daa83e3265fe9e137f592ff8ff6e30482d8a5c6172ce3230790e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 27 Dec 2022 03:35:43 GMT
etag
W/"0e4a00734540d6c025cba9fb5421c8ea6"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame AC26
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame A2C4
794 B
1 KB
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
bb34a235703f6e6ba3e66ce418193dae4dc5449c99f5fada629a95e4ff0c39d6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
794
content-type
text/html
date
Tue, 27 Dec 2022 03:35:43 GMT
usermatch
ssum-sec.casalemedia.com/ Frame AAC3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1762c2ef5b2a6d9d2e113b4be676b3ab39691fd307f97112630340478a0d98

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77ff02042f972bcf-FRA
content-encoding
br
content-type
text/html
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmE7%2B2gH1FJ%2BThNYJJLZshtx%2BM8CLzs0tTmuenKQyXmLYwEEV2Xo90HUk2eDIBNq%2FOGHtTaAb3zvobqRTE5H%2BrxfnfK2DBd4GM9OGljDOkSrjloC%2FNm2uJ8t4b4dgVNfdnktgW3n8ZkhFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77ff02039d889202-FRA
content-length
0
date
Tue, 27 Dec 2022 03:35:43 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMVbXKHZz%2Bs%2Bd%2FVFbmRmdR0vcIIh33J5LuqWRo1kGCFEk0k4JwvPr1Iy%2F63QxCiZNnt9nLn%2FH8FXbrnFSwgkU6ZsiHfhv34Y3luaPCauBqEWt8ro%2BEF%2BHZRLbkVWXzf9wgdO3o1OsR%2Fl5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B72F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Dec 2022 03:35:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 27 Dec 2022 03:35:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B21A
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=80838
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
Wed, 28 Dec 2022 02:03:02 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 58D8
0
484 B
Document
General
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 27 Dec 2022 03:35:44 GMT
via
1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
x-amz-cf-id
YPG0gY6EUeJscmdJgJQSWnR5J19o-frK8fo-Hvd9Drah5tZ_H7_UGA==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame C29D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=2333851858879476649
0
345 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2333851858879476649
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:43 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Tue, 27 Dec 2022 03:35:43 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c697eab2-2af1-431b-9a98-9386e72e90e7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=2333851858879476649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame C29D
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=F4k3pRZHzNfaBJMXTTyu77vy
0
351 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=F4k3pRZHzNfaBJMXTTyu77vy
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=F4k3pRZHzNfaBJMXTTyu77vy
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame C29D
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:43 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame C29D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1672112143945
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4095861601
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4095861601
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:43 GMT
etag
RXeac1d13e9ac748ae9cc52442b5829636003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4095861601
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame C29D
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5141210822894969272
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5141210822894969272
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5141210822894969272
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame C29D
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-120
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame C29D
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=cd554bc4-fdc2-4d1b-8da1-473ce97f02d1&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=327&uid=cd554bc4-fdc2-4d1b-8da1-473ce97f02d1&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:43 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=cd554bc4-fdc2-4d1b-8da1-473ce97f02d1&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 27 Dec 2022 03:35:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame C29D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
date
Tue, 27 Dec 2022 03:35:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame C29D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz...
  • https://ssp.disqus.com/match?bidder=14&buyeruid=2333851858879476649&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnV...
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mN2RiNDY0YS1kNzE1LTNmM...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-f7db464a-d715-3f19-9ba8-a279aea06639
0
359 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-f7db464a-d715-3f19-9ba8-a279aea06639
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-f7db464a-d715-3f19-9ba8-a279aea06639
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame C29D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
date
Tue, 27 Dec 2022 03:35:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
track.adform.net/serving/unload/ Frame 1230
35 B
478 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7946301243496629626@@60271195,3513372726277870837,100|1197|0|0|0|0|0|0|0||41|1|||||1|0|0|DGIk8XMCeE5cPlakbYq96fKB7B1T4IL3pM7KIlZ4LsXUiGWAffcDE_L_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900010.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900010.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sync
ads.servenobid.com/ Frame A2C4
0
345 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6173532661063726968&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame A2C4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7181666973726144662&gdpr=0&gdpr_consent=
43 B
408 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7181666973726144662&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:43 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7181666973726144662&gdpr=0&gdpr_consent=
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A2C4
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjE3MzUzMjY2MTA2MzcyNjk2OA==&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjE3MzUzMjY2MTA2MzcyNjk2OA==&gdpr=0&gdpr_consent=&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjE3MzUzMjY2MTA2MzcyNjk2OA==&gdpr=0&gdpr_consent=&google_tc=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjE3MzUzMjY2MTA2MzcyNjk2OA==&gdpr=0&gdpr_consent=&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
347
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame A2C4
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6173532661063726968&gdpr=0&gdpr_consent=
0
35 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6173532661063726968&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
35.157.59.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-59-48.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6173532661063726968&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:43 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
smartadserver
cs.admanmedia.com/sync/ Frame A2C4
0
0

usersync
usersync.gumgum.com/ Frame C900
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2333851858879476649
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2333851858879476649
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d715ae97-1a56-4bdd-a0af-edcd7dec3770
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=2333851858879476649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame C900
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=61734a39-fbda-403a-8340-82169cdc743a
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=61734a39-fbda-403a-8340-82169cdc743a
  • https://usersync.gumgum.com/usersync?b=bsw&i=61734a39-fbda-403a-8340-82169cdc743a
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=61734a39-fbda-403a-8340-82169cdc743a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=61734a39-fbda-403a-8340-82169cdc743a
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame C900
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-a316611d-81e2-4f7d-6ce5-0b16c1c9df6a$ip$80.255.7.106
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-a316611d-81e2-4f7d-6ce5-0b16c1c9df6a$ip$80.255.7.106
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-a316611d-81e2-4f7d-6ce5-0b16c1c9df6a$ip$80.255.7.106
Date
Tue, 27 Dec 2022 03:35:44 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C900
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=agA8QFLmIat4PE91v_OV&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YLHIE4FCRSMNVEWC5BUKBCTSMLWL5HVM...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=agA8QFLmIat4PE91v_OV&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=agA8QFLmIat4PE91v_OV&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=agA8QFLmIat4PE91v_OV&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame C900
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1853156886
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1853156886
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
etag
RXeac1d13e9ac748ae9cc52442b5829636003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1853156886
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame C900
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=jjYtr3zepPUt&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=jjYtr3zepPUt&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=jjYtr3zepPUt&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b977cc7b4-7jtmm
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame C900
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28as7yq36rlsAbOlihgxC4OliqpGTlRabaSOKxeY9k3Zl3HrJzyGyuu-ZvI0ZEFm_I%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&obuid=ENC(as7yq36rlsAbOlihgxC4OliqpGTlRabaSOKxeY9k3Zl3HrJzyGyuu-ZvI0ZEFm_I)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D...
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DMn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
content-length
0

Redirect headers

Location
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DMn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Date
Tue, 27 Dec 2022 03:35:45 GMT
X-TraceId
7731f2028b4a23ea674a55b9ac595489
Content-Length
0
usersync
usersync.gumgum.com/ Frame C900
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=cea1c563-b59d-4ca6-b58f-c6ee4133ae87
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=cea1c563-b59d-4ca6-b58f-c6ee4133ae87
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 27 Dec 2022 03:35:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=cea1c563-b59d-4ca6-b58f-c6ee4133ae87
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame C900
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-8RtOE35E2pevcc..XtoQa0i.DDd0ioGLxoPO~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-8RtOE35E2pevcc..XtoQa0i.DDd0ioGLxoPO~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 27 Dec 2022 03:35:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-8RtOE35E2pevcc..XtoQa0i.DDd0ioGLxoPO~A
content-length
0
usersync
usersync.gumgum.com/ Frame C900
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1b33c029-e078-406c-8e25-5c8cb112ee71
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1b33c029-e078-406c-8e25-5c8cb112ee71
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1b33c029-e078-406c-8e25-5c8cb112ee71
Date
Tue, 27 Dec 2022 03:35:44 GMT
Connection
keep-alive
X-CI-RTID
1d255315-4e58-424c-b353-873575e20133
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame C900
0
293 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.94.115 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
975123274
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame C900
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame C900
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=3bca3c9f-68c9-4ad8-aee4-060840cc0ae4
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=3bca3c9f-68c9-4ad8-aee4-060840cc0ae4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=3bca3c9f-68c9-4ad8-aee4-060840cc0ae4
access-control-allow-origin
*
date
Tue, 27 Dec 2022 03:35:44 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame C900
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6173532661063726968
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6173532661063726968
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6173532661063726968
date
Tue, 27 Dec 2022 03:35:43 GMT
content-length
0
sync
ads.servenobid.com/ Frame C900
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
0.gif
id5-sync.com/i/495/ Frame 9FCE
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB
Document
General
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 27 Dec 2022 03:35:44 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 03:35:42 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B494
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=80838
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
Wed, 28 Dec 2022 02:03:02 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 7726
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 27 Dec 2022 03:35:44 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 0D3C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
Tue, 27 Dec 2022 03:35:43 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master zrh-pixel-x30 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 4A68
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y6poEAAADupgXwAe
  • https://usersync.gumgum.com/usersync?b=atm&i=Y6poEAAADupgXwAe&gdpr=0&gdpr_consent=&_test=Y6poEAAADupgXwAe
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y6poEAAADupgXwAe&gdpr=0&gdpr_consent=&_test=Y6poEAAADupgXwAe
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 27 Dec 2022 03:35:44 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y6poEAAADupgXwAe&gdpr=0&gdpr_consent=&_test=Y6poEAAADupgXwAe
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220063-HHN
x-timer
S1672112144.274135,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 1456
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lOGU4ZjIxYS0wZmJiLTQyZmQtYTI2OC1hMmIzNTY4ZTFjMDY=&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lOGU4ZjIxYS0wZmJiLTQyZmQtYTI2OC1hMmIzNTY4ZTFjMDY=&gdpr=0&gdpr_consent=&google_tc=
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lOGU4ZjIxYS0wZmJiLTQyZmQtYTI2OC1hMmIzNTY4ZTFjMDY=&gdpr=0&gdpr_consent=&google_tc=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
364
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lOGU4ZjIxYS0wZmJiLTQyZmQtYTI2OC1hMmIzNTY4ZTFjMDY=&gdpr=0&gdpr_consent=&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame B7F7
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=2333851858879476649&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=2333851858879476649brt57551672112144179426f1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=2333851858879476649brt57551672112144179426f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Tue, 27 Dec 2022 03:35:43 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=2333851858879476649brt57551672112144179426f1
usersync
usersync.gumgum.com/ Frame 3C92
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y6poEMCo8XwAAJ8uVtMAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y6poEMCo8XwAAJ8uVtMAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 27 Dec 2022 03:35:45 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y6poEMCo8XwAAJ8uVtMAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
118
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40061.dc2p.scaleout.jp
X-SO-IP
80.255.7.106
X-SO-Key
Y6poEMCo8XwAAJ8uVtMAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y6poEMCo8XwAAJ8uVtMAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40061"}
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40061
gumgum
cs.admanmedia.com/sync/ Frame B024
0
0

usersync
usersync.gumgum.com/ Frame 3AD9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y6poDyGUNL2XKEokSTonbgAA%265163
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y6poDyGUNL2XKEokSTonbgAA%265163
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77ff02043fa32bcf-FRA
content-length
0
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y6poDyGUNL2XKEokSTonbgAA%265163
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gX%2FG%2Bl20pnmpwStFAJwd2nAjt1zaeWxCpUEPXMoBJy0KbHF6R7%2FuJQDgjCNYZTj3iQ5x844W0Css4%2FN7cOTCC0KutxB8nhJvVUR3YMklG3CjLX4EPt2qwYHbweXA0ChlW3M1Uhc%2FfdfcBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 80AE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=jfXy0pC0QXzLOgAhDYtN&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=jfXy0pC0QXzLOgAhDYtN&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 27 Dec 2022 03:35:44 GMT Tue, 27 Dec 2022 03:35:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=jfXy0pC0QXzLOgAhDYtN&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 6E6F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Dec 2022 03:35:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 27 Dec 2022 03:35:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
PugMaster
image6.pubmatic.com/AdServer/ Frame B21A
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95343030&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5309acf0cfe2e63117837f93e9dfe9c48f3f9085f9c22fbfcfe8253966f95963

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 03:35:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame AAC3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6BHGSBDCKSDEPAZ2FPWQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FX5YXZM5NKYYFH3XMSWT
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame AAC3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBlLC_Kvve7UsFiGfajJKgY&google_cver=1
43 B
847 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBlLC_Kvve7UsFiGfajJKgY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=su3vbUgZqQ79mUg0p%2BGhOyJ1KC5HfnOxEWkZYvLLxk3YP6TCVaAmoqkUdxCIIikfVs3ser%2BeJqif9hTFx1dfY05ALNwfZ4hmZGugZsYdLG%2B7rzFvkNoUUgO1u3Rk4Pr0gS6Lh7%2Fvx1R2Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77ff0206d9832bcf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBlLC_Kvve7UsFiGfajJKgY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame AAC3
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame AAC3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6poDyGUNL2XKEokSTonbgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMoWDYjnme4wfYdVmoUhr5s&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMoWDYjnme4wfYdVmoUhr5s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMoWDYjnme4wfYdVmoUhr5s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AAC3
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:909a:e593:7b70:eda7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame AAC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6poEAAAAWRF9QAo
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6poEAAAAWRF9QAo&_test=Y6poEAAAAWRF9QAo
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6poEAAAAWRF9QAo&_test=Y6poEAAAAWRF9QAo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220063-HHN
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1672112144.289435,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6poEAAAAWRF9QAo&_test=Y6poEAAAAWRF9QAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame AAC3
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Tue, 27 Dec 2022 03:35:44 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame AAC3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2333851858879476649
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2333851858879476649
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
abf4a455-68d8-4838-a446-755b7f9bfaa3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2333851858879476649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame AAC3
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame B72F
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f02d584e01f9b2375ce4b44e694fe86d666e3dfd83c7f46a5fec0f5cef6cb89b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Dec 2022 07:39:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14634
Connection
keep-alive
Content-Length
10067
Expires
Tue, 27 Dec 2022 07:39:38 GMT
sync.html
public.servenobid.com/ Frame E0A5
8 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28657
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 26 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
x-amz-cf-id
znPHgan_nNMuJZY4gT0B97YLcSnCeP2N-N81XMTs0-PTCRVP1gGSfQ==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame D32C
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.181 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-181.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 27 Dec 2022 03:35:44 GMT
ETag
"623de86a-cf34"
Expires
Wed, 28 Dec 2022 03:35:46 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame E229
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 27 Dec 2022 03:35:44 GMT
checksync.php
contextual.media.net/ Frame 4487
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ddb55401278e4314e2ca586d0b970cd6c2d72076ae2eab8f08ccc5404bb2cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://megaup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=136939
content-encoding
gzip
content-length
8208
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
Wed, 28 Dec 2022 17:38:03 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
merge
ce.lijit.com/ Frame 9390
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D03eb6f3e33a62c3c%26uid%3D%24UID&partner=eplanning
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASp1a...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MDNlYjZmM...
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-f7db464a-d715-3f19-9ba8-a279aea06639&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
621 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-f7db464a-d715-3f19-9ba8-a279aea06639&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MDNlYjZmM2UzM2E2MmMzYyZ1aWQ9dWEtZjdkYjQ2NGEtZDcxNS0zZjE5LTliYTgtYTI3OWFlYTA2NjM5MgIGDDgC
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=279534&3pid=ua-f7db464a-d715-3f19-9ba8-a279aea06639&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MDNlYjZmM2UzM2E2MmMzYyZ1aWQ9dWEtZjdkYjQ2NGEtZDcxNS0zZjE5LTliYTgtYTI3OWFlYTA2NjM5MgIGDDgC
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
prebid
b1h-euc1.zemanta.com/usersync/ Frame 9390
26 B
151 B
Image
General
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-14.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://megaup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 6E6F
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f02d584e01f9b2375ce4b44e694fe86d666e3dfd83c7f46a5fec0f5cef6cb89b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Dec 2022 07:39:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14634
Connection
keep-alive
Content-Length
10067
Expires
Tue, 27 Dec 2022 07:39:38 GMT
khaos.jpg
token.rubiconproject.com/ Frame B72F
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
13926
g2.gumgum.com/usync/ Frame 1062
5 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.223.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-223-13.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
72fd4b945e70daa83e3265fe9e137f592ff8ff6e30482d8a5c6172ce3230790e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 27 Dec 2022 03:35:44 GMT
etag
W/"0e4a00734540d6c025cba9fb5421c8ea6"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 3E07
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame BCD0
755 B
857 B
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
fdb81e9dac5bdefc6f55fec8edef71ab66383b92b76dadda7f83359a21107d11

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
755
content-type
text/html
date
Tue, 27 Dec 2022 03:35:43 GMT
generic
match.adsrvr.org/track/cmf/ Frame E0A5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6321214481
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6321214481
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
etag
RXeac1d13e9ac748ae9cc52442b5829636003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6321214481
cache-control
no-store, no-cache, must-revalidate
expires
0
usa
sync.go.sonobi.com/ Frame E0A5
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-169
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BB50
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be8f2708a3b5d7b1e4da554fedb19458da4faa8bef611760a1850d428a4461f6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77ff0205887c2bcf-FRA
content-encoding
br
content-type
text/html
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkzG%2Be3BVMmO%2BWi26%2BmWzceJ%2BS6agdXVub3WoUUkam7KULSm7qI2cRSJLX9Lynj61R7IOv%2BgzuOc3kzCoyqVrBfEbw2Mtxr3ngxehqOyKj2Da4fmcf2sitGgfee%2FoyT1rykawz97llubQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame E0A5
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mN2RiNDY0YS1kNzE1LTNmM...
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz...
  • https://ssp.disqus.com/match?bidder=14&buyeruid=2333851858879476649&r=Cid1YS1mN2RiNDY0YS1kNzE1LTNmMTktOWJhOC1hMjc5YWVhMDY2MzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnV...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-f7db464a-d715-3f19-9ba8-a279aea06639
0
359 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-f7db464a-d715-3f19-9ba8-a279aea06639
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-f7db464a-d715-3f19-9ba8-a279aea06639
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:45 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
usync.html
eus.rubiconproject.com/ Frame ADBD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Dec 2022 03:35:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 27 Dec 2022 03:35:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 01F2
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=80838
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
Wed, 28 Dec 2022 02:03:02 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 9676
0
485 B
Document
General
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 27 Dec 2022 03:35:44 GMT
via
1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
x-amz-cf-id
HpjAy6Heh7f05YHCN-5ItxhL4AWvFxJkYkgKMwJ74IfKActDk0Z5Mw==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame E0A5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=2333851858879476649
0
345 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2333851858879476649
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6265a220-ba92-4b64-98c1-dba881750fc7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=2333851858879476649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame E0A5
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=F4k3pRZHzNfaBJMXTTyu77vy
0
351 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=F4k3pRZHzNfaBJMXTTyu77vy
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=F4k3pRZHzNfaBJMXTTyu77vy
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame E0A5
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 03:35:44 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame E0A5
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5141210822894969272
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5141210822894969272
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5141210822894969272
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame E0A5
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=987c6a9f-e428-4bea-80bd-90f038f45e1a&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=327&uid=987c6a9f-e428-4bea-80bd-90f038f45e1a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=987c6a9f-e428-4bea-80bd-90f038f45e1a&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 27 Dec 2022 03:35:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame E0A5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
date
Tue, 27 Dec 2022 03:35:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame E0A5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-2Qf_qiZE2uFDdehum1QO3YDEYRJdJZ6N_wbxOjg-~A
date
Tue, 27 Dec 2022 03:35:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
khaos.jpg
token.rubiconproject.com/ Frame 6E6F
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame D32C
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
AN-X-Request-Uuid
38ac5c2d-3992-4aa8-a136-c8bb0581f2a0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame BCD0
0
345 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6173532661063726968&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame BCD0
Redirect Chain
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=1f7f877bd1&gdpr=0&gdpr_consent=
43 B
443 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=1f7f877bd1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:43 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=1f7f877bd1&gdpr=0&gdpr_consent=
Connection
keep-alive
X-XSS-Protection
1; mode=block
generic
match.adsrvr.org/track/cmf/ Frame BCD0
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
rtb-csync.smartadserver.com/redir/ Frame BCD0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y6poEAAAAWRF9QAo&gdpr=0&gdpr_consent=
43 B
428 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y6poEAAAAWRF9QAo&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:43 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-hhn-etou8220063-HHN
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1672112144.336634,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y6poEAAAAWRF9QAo&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtb-csync.smartadserver.com/redir/ Frame BCD0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://ums.acuityplatform.com/bum?tpid=29&uid=61734a39-fbda-403a-8340-82169cdc743a&bidswitch_ssp_id=smartadserver
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=724870660876&expires=30&user_group=1&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=61734a39-fbda-403a-8340-82169cdc743a&gdpr=&gdpr_consent=
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=61734a39-fbda-403a-8340-82169cdc743a&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:43 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=61734a39-fbda-403a-8340-82169cdc743a&gdpr=&gdpr_consent=
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 545E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
42 B
553 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 03:35:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
Tue, 27 Dec 2022 03:35:43 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master zrh-pixel-x29 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 855C
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3588404895278553693
42 B
196 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3588404895278553693
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 03:35:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3588404895278553693
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame C4A5
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 03:35:43 GMT
expires
Tue, 27 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
412486
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2FF0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NBHE9BCVG05HTBW9K2VA

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
58TK57J8609A7ZYQ9R8R
Pug
simage2.pubmatic.com/AdServer/ Frame 919A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2333851858879476649&gdpr=0&gdpr_consent=
42 B
219 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2333851858879476649&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 03:35:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
e92e7214-4d34-4e77-8a7a-4c724846594c
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2333851858879476649&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
sync
ads.servenobid.com/ Frame 763F
0
357 B
Document
General
Full URL
https://ads.servenobid.com/sync?pid=316&uid=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Tue, 27 Dec 2022 03:35:44 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B21A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KDETycLPS5Cx_BKusuuBwQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=80838
accept-ranges
bytes
content-length
5554
expires
Wed, 28 Dec 2022 02:03:02 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame B21A
95 B
382 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77ff02069e509b63-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame B21A
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.216.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-216-185.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.8
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame B21A
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1917801438
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1
0
277 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:43 GMT
via
1.1 google
last-modified
Tue, 27 Dec 2022 03:35:44 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1
date
Tue, 27 Dec 2022 03:35:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame B21A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjgzMTEzQzktQzJDRi00QjkwLUIxRkMtMTJBRUIyRUI4MUMx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B21A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFDu1jbu_bZ6cn5AF88u1tE&google_cver=1
42 B
296 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFDu1jbu_bZ6cn5AF88u1tE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFDu1jbu_bZ6cn5AF88u1tE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B21A
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 26 Dec 2022 03:35:44 GMT
generic
match.adsrvr.org/track/cmf/ Frame B21A
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame B21A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7946301243496629626
42 B
219 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7946301243496629626
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7946301243496629626
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame BB50
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=377c63aa-680c-4501-a5a9-b7f2240d91e0
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=377c63aa-680c-4501-a5a9-b7f2240d91e0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x27 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=377c63aa-680c-4501-a5a9-b7f2240d91e0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 27 Dec 2022 03:35:43 GMT
Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BB50
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:909a:e593:7b70:eda7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB
date
Tue, 27 Dec 2022 03:35:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame BB50
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.183.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-183-212.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BB50
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3749402954534979672
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3749402954534979672
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3749402954534979672
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame BB50
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687836944&external_user_id=6381f043-8a37-4534-936a-a03672bde37a
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687836944&external_user_id=6381f043-8a37-4534-936a-a03672bde37a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Tue, 27 Dec 2022 03:35:44 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687836944&external_user_id=6381f043-8a37-4534-936a-a03672bde37a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame BB50
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Tue, 27 Dec 2022 03:35:44 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
rum
dsum.casalemedia.com/ Frame BB50
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1672198544
43 B
871 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1672198544
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBeWRJ09rAjkiPlAwiRFeoPAOQwNjsyL6jMNFyzFJaNr7S6O2%2BrTyCUzMXdRZbWOjgWtWgaSPDSxNqgSa0gaJVUN3gWagTFAUStivmgemkTnoJjygdXFFCqFMbbWr1LamT5kvxBk"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77ff02088dd692b7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1672198544
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame BB50
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6poDyGUNL2XKEokSTonbgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJohwTNmlvegmTYrENc_3X4&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJohwTNmlvegmTYrENc_3X4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJohwTNmlvegmTYrENc_3X4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame BB50
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y6poDyGUNL2XKEokSTonbgAAFCsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 1062
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2333851858879476649
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2333851858879476649
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ce9d7777-6d09-46bb-9da9-ad7e1f0093e4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=2333851858879476649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1062
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=61734a39-fbda-403a-8340-82169cdc743a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=56e313df-896b-4eff-9a6d-ed412f577341&expires=1&user_group=2&ssp=gumgum2&bsw_param=61734a39-fbda-403a-8340-82169cdc743a
  • https://usersync.gumgum.com/usersync?b=bsw&i=61734a39-fbda-403a-8340-82169cdc743a
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=61734a39-fbda-403a-8340-82169cdc743a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=61734a39-fbda-403a-8340-82169cdc743a
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 1062
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0d049cc0-c5f1-4a8b-6420-153ffce26c7a$ip$80.255.7.106
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-0d049cc0-c5f1-4a8b-6420-153ffce26c7a$ip$80.255.7.106
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-0d049cc0-c5f1-4a8b-6420-153ffce26c7a$ip$80.255.7.106
Date
Tue, 27 Dec 2022 03:35:44 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1062
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=KA0Gi-ko-RXaKcRoS8Q-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2S2BGBDWSLLLN4WVEWDBJNRVE32THBIS2...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=KA0Gi-ko-RXaKcRoS8Q-&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=KA0Gi-ko-RXaKcRoS8Q-&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=KA0Gi-ko-RXaKcRoS8Q-&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1062
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5826440257
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5826440257
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
etag
RXeac1d13e9ac748ae9cc52442b5829636003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5826440257
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 1062
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=uqLIIu047ssC&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=uqLIIu047ssC&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=uqLIIu047ssC&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b977cc7b4-2gc9v
expires
-1
cookie-sync
sync.outbrain.com/ Frame 1062
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Mn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&obuid=ENC(Mn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DMn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9%26g...
  • https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=Mn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&ini...
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=Mn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:45 GMT
Cache-Control
no-cache
X-TraceId
77a6b750d53760962fa03b0f9e6f0dac
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=Mn28VsFRR0GkszrGNd8_VfB6-OAm8Kara8586xUBIMlv7hOrqTGI7njnloJe9EW9&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
date
Tue, 27 Dec 2022 03:35:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
259
content-type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1062
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=cea1c563-b59d-4ca6-b58f-c6ee4133ae87
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=cea1c563-b59d-4ca6-b58f-c6ee4133ae87
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 27 Dec 2022 03:35:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=cea1c563-b59d-4ca6-b58f-c6ee4133ae87
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 1062
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-8RtOE35E2pevcc..XtoQa0i.DDd0ioGLxoPO~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-8RtOE35E2pevcc..XtoQa0i.DDd0ioGLxoPO~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 27 Dec 2022 03:35:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-8RtOE35E2pevcc..XtoQa0i.DDd0ioGLxoPO~A
content-length
0
usersync
usersync.gumgum.com/ Frame 1062
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=42ab4df3-6995-41cc-891e-f6cb2cf2fead
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=42ab4df3-6995-41cc-891e-f6cb2cf2fead
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=42ab4df3-6995-41cc-891e-f6cb2cf2fead
Date
Tue, 27 Dec 2022 03:35:44 GMT
Connection
keep-alive
X-CI-RTID
518a3a14-8571-4cfd-ba97-5ded1ae2a89e
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 1062
0
292 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.94.115 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
975123278
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 1062
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 1062
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=3bca3c9f-68c9-4ad8-aee4-060840cc0ae4
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=3bca3c9f-68c9-4ad8-aee4-060840cc0ae4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=3bca3c9f-68c9-4ad8-aee4-060840cc0ae4
access-control-allow-origin
*
date
Tue, 27 Dec 2022 03:35:44 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 1062
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6173532661063726968
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6173532661063726968
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6173532661063726968
date
Tue, 27 Dec 2022 03:35:43 GMT
content-length
0
sync
ads.servenobid.com/ Frame 1062
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.124.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-124-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
0.gif
id5-sync.com/i/495/ Frame 645C
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB
Document
General
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 27 Dec 2022 03:35:44 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 03:35:42 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 361F
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=80838
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
Wed, 28 Dec 2022 02:03:02 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 65A4
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 27 Dec 2022 03:35:44 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame BE89
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
Tue, 27 Dec 2022 03:35:43 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master zrh-pixel-x13 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=377c63aa-680c-4501-a5a9-b7f2240d91e0&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame EBDA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y6poEAAAAWRF9QAo&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y6poEAAAAWRF9QAo&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 27 Dec 2022 03:35:44 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y6poEAAAAWRF9QAo&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220063-HHN
x-timer
S1672112144.358157,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 0152
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lOGU4ZjIxYS0wZmJiLTQyZmQtYTI2OC1hMmIzNTY4ZTFjMDY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 5F03
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=emx&i=2333851858879476649brt57551672112144179426f1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=2333851858879476649brt57551672112144179426f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Tue, 27 Dec 2022 03:35:43 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=2333851858879476649brt57551672112144179426f1
usersync
usersync.gumgum.com/ Frame 0EF0
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y6poEMCo8YoAAEgzKjcAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y6poEMCo8YoAAEgzKjcAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 27 Dec 2022 03:35:44 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y6poEMCo8YoAAEgzKjcAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40176.dc2p.scaleout.jp
X-SO-IP
80.255.7.106
X-SO-Key
Y6poEMCo8YoAAEgzKjcAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y6poEMCo8YoAAEgzKjcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40176"}
X-SO-LB-Hostname
m-tgng38.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40176
gumgum
cs.admanmedia.com/sync/ Frame A361
0
0

usersync
usersync.gumgum.com/ Frame F4D3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y6poDyGUNL2XKEokSTonbgAA%265163
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y6poDyGUNL2XKEokSTonbgAA%265163
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77ff020639052bcf-FRA
content-length
0
date
Tue, 27 Dec 2022 03:35:44 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y6poDyGUNL2XKEokSTonbgAA%265163
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=in29aoQ17cIYWEBWqqyHhpEIJ9R5%2Fgnr3uF7Wv7maK45yOHUfixwcV7y9Yftbu%2BhL8ozw7XBzkUzNeUDPL7IeK14KoIs3FZKvJZoxbIRi%2FW%2FUxAGl61qUkkJWAnutIK7UkjYl6dNVVHVHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 8100
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=jfXy0pC0QXzLOgAhDYtN&pi=gumgum
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=jfXy0pC0QXzLOgAhDYtN&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Dec 2022 03:35:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 27 Dec 2022 03:35:44 GMT Tue, 27 Dec 2022 03:35:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=jfXy0pC0QXzLOgAhDYtN&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 14FA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Dec 2022 03:35:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 27 Dec 2022 03:35:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
raleway_medium.woff
megaup.net/themes/flow/frontend_assets/fonts/
31 KB
31 KB
Font
General
Full URL
https://megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
Requested by
Host: megaup.net
URL: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.209.70.182 , Belize, ASN43317 (VEESP-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Origin
https://megaup.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 13 Apr 2021 12:31:48 GMT
server
nginx
etag
"60758f34-7c9c"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
accept-ranges
bytes
content-length
31900
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame ADBD
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f02d584e01f9b2375ce4b44e694fe86d666e3dfd83c7f46a5fec0f5cef6cb89b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Dec 2022 07:39:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14634
Connection
keep-alive
Content-Length
10067
Expires
Tue, 27 Dec 2022 07:39:38 GMT
cms-2c-rubicon.html
cti.w55c.net/ct/ Frame 012C
52 KB
13 KB
Document
General
Full URL
https://cti.w55c.net/ct/cms-2c-rubicon.html
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.53 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eus.rubiconproject.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
274854
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
12841
content-type
text/html
date
Tue, 27 Dec 2022 03:35:44 GMT
etag
"3055990060"
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Thu, 14 Oct 2021 17:36:30 GMT
p3p
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
pragma
no-cache
server
ECS (frb/6752)
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
HIT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B72F
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame ADBD
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 6E6F
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame 14FA
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f02d584e01f9b2375ce4b44e694fe86d666e3dfd83c7f46a5fec0f5cef6cb89b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 03:35:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Dec 2022 07:39:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14634
Connection
keep-alive
Content-Length
10067
Expires
Tue, 27 Dec 2022 07:39:38 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame B72F
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B72F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ntES6CgvTKqo7xOJxUNyIw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ntES6CgvTKqo7xOJxUNyIw
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ntES6CgvTKqo7xOJxUNyIw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
83VRRP0AZGJ454TJTYVG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ntES6CgvTKqo7xOJxUNyIw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame B72F
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=25470
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B72F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
CookieSyncRubicon
rtb.adentifi.com/ Frame B72F
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncRubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.144.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-144-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
tap.php
pixel.rubiconproject.com/ Frame B72F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=S2X7ICH9g7MH&ev=1&pid=560687
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=S2X7ICH9g7MH&ev=1&pid=560687
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=S2X7ICH9g7MH&ev=1&pid=560687
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b977cc7b4-2gc9v
expires
-1
tap.php
pixel.rubiconproject.com/ Frame B72F
Redirect Chain
  • https://rbp.mxptint.net/sn.ashx
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1D530_FB885602_8C62AC6&expires=60
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1D530_FB885602_8C62AC6&expires=60
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1D530_FB885602_8C62AC6&expires=60
Date
Tue, 27 Dec 2022 03:35:44 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-355098944; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
225
Content-Type
text/html; charset=utf-8
khaos.jpg
token.rubiconproject.com/ Frame 14FA
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cms-2-rubicon.min.js
cti.w55c.net/ct/ Frame 012C
8 KB
3 KB
Script
General
Full URL
https://cti.w55c.net/ct/cms-2-rubicon.min.js
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.53 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
0f4efd88cff143e750f695e1b659d65bd9853558b714866ab117a8ea341e081f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cti.w55c.net/ct/cms-2c-rubicon.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000; includeSubDomains
age
381461
x-cache
HIT
p3p
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
content-length
2630
pragma
no-cache
last-modified
Thu, 14 Oct 2021 17:36:33 GMT
server
ECS (frb/6760)
etag
"2570506054"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache, must-revalidate
accept-ranges
bytes
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0987
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
AN-X-Request-Uuid
ac0b0733-4659-42f2-8307-09ba486e25b5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8F66
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
AN-X-Request-Uuid
bda0539a-2036-400f-8de3-b748eda53a53
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pingmatch.gif
pm.w55c.net/ Frame 012C
Redirect Chain
  • https://pm.w55c.net/pingmatch.gif
  • https://pm.w55c.net/pingmatch.gif?scc=1
42 B
591 B
Image
General
Full URL
https://pm.w55c.net/pingmatch.gif?scc=1
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html
Protocol
HTTP/1.1
Server
3.123.245.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-245-15.eu-central-1.compute.amazonaws.com
Software
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-050264eaa58f9e669@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-050264eaa58f9e669@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0f25e10db9e73ae52@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://pm.w55c.net/pingmatch.gif?scc=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F34A
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:44 GMT
AN-X-Request-Uuid
afeda1b4-0b72-4cb8-9dd6-8fdd9c615199
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match-result
tags.w55c.net/ Frame 012C
Redirect Chain
  • https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QVRTN2JDMDcxUGEwS0k1&google_cm
  • https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEOOe1a7CVjhD433GneoNKFQ&google_cver=1
42 B
593 B
Image
General
Full URL
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEOOe1a7CVjhD433GneoNKFQ&google_cver=1
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html
Protocol
HTTP/1.1
Server
52.29.214.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-214-155.eu-central-1.compute.amazonaws.com
Software
Retargeting/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-050264eaa58f9e669@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:45 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-050264eaa58f9e669@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 03:35:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEOOe1a7CVjhD433GneoNKFQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2964
tags.bluekai.com/site/ Frame 012C
62 B
369 B
Image
General
Full URL
https://tags.bluekai.com/site/2964?id=ATS7bC071Pa0KI5
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 27 Dec 2022 03:35:45 GMT
content-length
62
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame D32C
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 03:35:45 GMT
AN-X-Request-Uuid
8d531f2b-45e6-4476-b529-84d70e36ce7d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame B21A
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 03:35:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
6lthy1laqbnt.l4.adsco.re
URL
https://6lthy1laqbnt.l4.adsco.re/
Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/
Domain
webpick-cdn.s3.us-west-2.amazonaws.com
URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=e_e8e8f21a-0fbb-42fd-a268-a2b3568e1c06&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


108 Cookies


10 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-519818465%3A1672112138380077&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh5M5DI9dUFAhyiqY4Oimeo2nSnmEzWbCPWaa6AevSLL5ardOW8yUk1puJg135vBtRjeeOzoig
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://theharityhild.buzz/THpWSDk3WCU%2FZjkIOmoDbhIiPEk%2FQHlnVCkdNz1JYhQzPBY%2FDXgiSm5WdDtUKlhseRVuCTs%2BG3ZYYmYKblZ0PFgrJT8sG3ZYbnsLekllahVuCSMqZiUeZGoDbhxuewovSmIqFHofZioUeB40eBR1Tm5%2FFCpMMy1cLx81K1ovH3Q1
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-2097058172%3A1672112138415680&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh5yFTfhDwyDnnVaXou2NMl9-Yf5hTwKrT7Hlvb3OyeG4a_xOaUxhV1NGTCg61JbvZIwkX8I2w
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ads.servenobid.com/adreq?cb=2567
Message:
Failed to load resource: the server responded with a status of 406 ()
network error URL: https://ads.servenobid.com/adreq?cb=4131
Message:
Failed to load resource: the server responded with a status of 406 ()
worker error URL: blob:https://megaup.net/3aa08941-d2fe-4e2e-8046-8cc3d44861ca
Message:
Mixed Content: The page at 'blob:https://megaup.net/3aa08941-d2fe-4e2e-8046-8cc3d44861ca' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://megaup.net/3aa08941-d2fe-4e2e-8046-8cc3d44861ca
Message:
Mixed Content: The page at 'blob:https://megaup.net/3aa08941-d2fe-4e2e-8046-8cc3d44861ca' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://megaup.net/88e3b6eb-6375-40bb-8205-bbaf7be06864
Message:
Mixed Content: The page at 'blob:https://megaup.net/88e3b6eb-6375-40bb-8205-bbaf7be06864' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://megaup.net/88e3b6eb-6375-40bb-8205-bbaf7be06864
Message:
Mixed Content: The page at 'blob:https://megaup.net/88e3b6eb-6375-40bb-8205-bbaf7be06864' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=283113C9-C2CF-4B90-B1FC-12AEB2EB81C1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af