sonichits.com Open in urlscan Pro
2606:4700:20::681a:22c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sonichits.com/
Effective URL:
https://sonichits.com/
Submission: On November 30 via manual (November 30th 2021, 3:14:01 am UTC) from US — Scanned from DE

Summary HTTP 330 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 108 IPs in 13 countries across 97 domains to perform 330 HTTP transactions. The main IP is 2606:4700:20::681a:22c, located in United States and belongs to CLOUDFLARENET, US. The main domain is sonichits.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 5th 2021. Valid for: a year.

This is the only time sonichits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10 18	2606:4700:20:... 2606:4700:20::681a:22c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2016	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223d:4400:9:78a:e540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:4400:1c:386f:ec80:21	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	18.66.139.46 18.66.139.46	16509 (AMAZON-02) (AMAZON-02)
9	2a04:4e42::591 2a04:4e42::591	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223e:ce00:3:f434:dfc0:21	16509 (AMAZON-02) (AMAZON-02)
12	34.239.232.96 34.239.232.96	14618 (AMAZON-AES) (AMAZON-AES)
9	63.32.153.81 63.32.153.81	16509 (AMAZON-02) (AMAZON-02)
3	52.202.233.191 52.202.233.191	14618 (AMAZON-AES) (AMAZON-AES)
1	3.217.66.208 3.217.66.208	14618 (AMAZON-AES) (AMAZON-AES)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:2251:2400:10:3422:3f00:21	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
6	2606:4700:10:... 2606:4700:10::6816:b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.163.3.37 35.163.3.37	16509 (AMAZON-02) (AMAZON-02)
2	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2 6	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	3.120.57.46 3.120.57.46	16509 (AMAZON-02) (AMAZON-02)
1 2	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
1 3	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
5	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:215... 2600:9000:2156:e800:17:5bae:c7c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	44.239.35.110 44.239.35.110	16509 (AMAZON-02) (AMAZON-02)
3	52.38.226.208 52.38.226.208	16509 (AMAZON-02) (AMAZON-02)
6 7	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
4 23	52.35.10.191 52.35.10.191	16509 (AMAZON-02) (AMAZON-02)
8 11	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
5 23	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
14 17	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	54.178.50.49 54.178.50.49	16509 (AMAZON-02) (AMAZON-02)
4 5	54.72.239.169 54.72.239.169	16509 (AMAZON-02) (AMAZON-02)
1 3	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
2 2	54.246.150.87 54.246.150.87	16509 (AMAZON-02) (AMAZON-02)
6 6	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	52.49.134.174 52.49.134.174	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:236... 2600:9000:236e:6e00:1a:5302:20c0:21	16509 (AMAZON-02) (AMAZON-02)
3	52.89.213.37 52.89.213.37	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
2 7	63.35.242.195 63.35.242.195	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.34 13.32.99.34	16509 (AMAZON-02) (AMAZON-02)
1	13.225.77.75 13.225.77.75	16509 (AMAZON-02) (AMAZON-02)
2 13	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
18	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	18.193.230.138 18.193.230.138	16509 (AMAZON-02) (AMAZON-02)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4 4	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
5	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 2	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
2 2	198.8.71.129 198.8.71.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
2 2	35.156.135.60 35.156.135.60	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
3 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	2600:1f18:659... 2600:1f18:6593:f608:82c4:8e67:4786:1156	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b001:be6e:d2d6:b7bf:2108	16509 (AMAZON-02) (AMAZON-02)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
2 2	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	3.125.86.125 3.125.86.125	16509 (AMAZON-02) (AMAZON-02)
2	54.77.169.115 54.77.169.115	16509 (AMAZON-02) (AMAZON-02)
1 3	162.55.236.225 162.55.236.225	24940 (HETZNER-AS) (HETZNER-AS)
5 6	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	54.217.170.69 54.217.170.69	16509 (AMAZON-02) (AMAZON-02)
1 1	18.205.214.32 18.205.214.32	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.18.61.23 52.18.61.23	16509 (AMAZON-02) (AMAZON-02)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
3	5.178.65.252 5.178.65.252	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 6	52.86.83.177 52.86.83.177	14618 (AMAZON-AES) (AMAZON-AES)
1	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	23.88.75.187 23.88.75.187	24940 (HETZNER-AS) (HETZNER-AS)
1 1	94.23.171.206 94.23.171.206	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	72.251.245.181 72.251.245.181	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
2	2a05:d018:d29... 2a05:d018:d29:3602:e219:12f7:637c:c071	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	54.170.158.38 54.170.158.38	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	15169 (GOOGLE) (GOOGLE)
1	34.254.143.235 34.254.143.235	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.88 18.66.97.88	16509 (AMAZON-02) (AMAZON-02)
1	212.83.160.162 212.83.160.162	12876 (Online SAS) (Online SAS)
2	52.57.150.20 52.57.150.20	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	() ()
330	108

18 2606:4700:20::681a:22c (United States) 10 redirects

ASN13335 (CLOUDFLARENET, US)

sonichits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223d:4400:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)

product.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:4400:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)

d3lcz8vpax4lo2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.46 (United States)

ASN16509 (AMAZON-02, US)

cdn.clickfuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a04:4e42::591 (United States)

ASN54113 (FASTLY, US)

lastfm.freetls.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:ce00:3:f434:dfc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2f0uviei09pxb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.239.232.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-232-96.compute-1.amazonaws.com

geoip.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eua.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b2c.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 63.32.153.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-153-81.eu-west-1.compute.amazonaws.com

srv.tunefindforfans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.202.233.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-233-191.compute-1.amazonaws.com

geoip.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.66.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-66-208.compute-1.amazonaws.com

b2c.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:2400:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)

df80k0z3fi8zg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

insticator.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:b7 (United States)

ASN13335 (CLOUDFLARENET, US)

ex.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.163.3.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-3-37.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

insticator-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.210.196.208 (Alexandria, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.57.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.38.124 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.178.65.246 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:e800:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.239.35.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-35-110.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.38.226.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-226-208.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.45 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 52.35.10.191 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-10-191.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.223.40.198 (United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 185.64.190.80 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.130 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.178.50.49 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-50-49.ap-northeast-1.compute.amazonaws.com

pp.d2-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.72.239.169 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-239-169.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::300 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.150.87 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-150-87.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.45 (United Kingdom) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.134.174 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-134-174.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:236e:6e00:1a:5302:20c0:21 (United States)

ASN16509 (AMAZON-02, US)

dh014lg6uwepv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.89.213.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-213-37.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 63.35.242.195 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-34.fra60.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-75.fra2.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.35.65 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.193.230.138 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-230-138.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.48 (United States) 4 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.249.52.249 (Huissen, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.3 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.8.71.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.135.60 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-135-60.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f608:82c4:8e67:4786:1156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:be6e:d2d6:b7bf:2108 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.115 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.86.125 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-86-125.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.169.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-169-115.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.55.236.225 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.49 (United States) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.170.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-170-69.eu-west-1.compute.amazonaws.com

engine.widespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.214.32 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-214-32.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.223.37 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.61.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-61-23.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.86.83.177 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-83-177.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.41 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.187 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.171.206 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.245.181 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.134.248 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.112.236 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:e219:12f7:637c:c071 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.158.38 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-158-38.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-235.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.83.160.162 (Massy, France)

ASN12876 (Online SAS, FR)
PTR: 212-83-160-162.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.150.20 (None, )

ASN- ()

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (None, ) 1 redirects

ASN- ()

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	ad.gt 4 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	50 KB
31	pubmatic.com 6 redirects ads.pubmatic.com image2.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	93 KB
23	doubleclick.net 14 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	145 KB
21	instiengage.com product.instiengage.com geoip.instiengage.com auth.instiengage.com eua.instiengage.com event.instiengage.com static.instiengage.com b2c.instiengage.com cms.instiengage.com	684 KB
18	zeotap.com spl.zeotap.com mwzeom.zeotap.com	6 KB
18	sonichits.com 10 redirects sonichits.com	187 KB
14	casalemedia.com 2 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com ssum.casalemedia.com	19 KB
14	adnxs.com 8 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	26 KB
14	google-analytics.com www.google-analytics.com	84 KB
11	adsrvr.org 8 redirects match.adsrvr.org	5 KB
11	e-planning.net 1 redirects ads.us.e-planning.net sync.e-planning.net u-ams02.e-planning.net s.e-planning.net	18 KB
11	fastly.net lastfm.freetls.fastly.net confiant-integrations.global.ssl.fastly.net	285 KB
9	rubiconproject.com 2 redirects token.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com	22 KB
9	tunefindforfans.com srv.tunefindforfans.com	29 KB
8	crwdcntrl.net 2 redirects id.crwdcntrl.net bcp.crwdcntrl.net tags.crwdcntrl.net sync.crwdcntrl.net	15 KB
8	facebook.net connect.facebook.net	425 KB
8	google.com fundingchoicesmessages.google.com www.google.com	79 KB
7	facebook.com www.facebook.com	665 B
6	audrte.com 3 redirects a.audrte.com	5 KB
6	everesttech.net 5 redirects sync-tm.everesttech.net	2 KB
6	adform.net 4 redirects dmp.adform.net c1.adform.net	3 KB
6	openx.net insticator-d.openx.net u.openx.net rtb.openx.net	1 KB
6	ingage.tech ex.ingage.tech	1 KB
5	yahoo.com 3 redirects cms.analytics.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	3 KB
5	demdex.net 4 redirects dpm.demdex.net	4 KB
5	youtube.com img.youtube.com	116 KB
5	onetag-sys.com onetag-sys.com	3 KB
5	1rx.io 4 redirects tag.1rx.io sync.1rx.io	2 KB
5	gstatic.com fonts.gstatic.com	302 KB
5	criteo.com 1 redirects gum.criteo.com mug.criteo.com dis.criteo.com	2 KB
5	cloudfront.net d3lcz8vpax4lo2.cloudfront.net d2f0uviei09pxb.cloudfront.net df80k0z3fi8zg.cloudfront.net dh014lg6uwepv.cloudfront.net	104 KB
4	mathtag.com 4 redirects sync.mathtag.com	3 KB
4	tapad.com 3 redirects pixel.tapad.com	2 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com aax-eu.amazon-adsystem.com	3 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
4	bidswitch.net 4 redirects x.bidswitch.net	2 KB
4	bidr.io 3 redirects match.prod.bidr.io	2 KB
4	taboola.com 1 redirects trc.taboola.com match.taboola.com	863 B
4	33across.com ssc.33across.com ssc-cms.33across.com	443 B
4	technoratimedia.com insticator.technoratimedia.com ad-cdn.technoratimedia.com sync.technoratimedia.com	6 KB
4	insticator.com geoip.insticator.com b2c.insticator.com event.insticator.com	3 KB
3	turn.com 3 redirects ad.turn.com d.turn.com	1 KB
3	sitescout.com 2 redirects pixel.sitescout.com pixel-sync.sitescout.com	816 B
3	richaudience.com 1 redirects sync.richaudience.com	741 B
3	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	942 B
3	d2-apps.net pp.d2-apps.net	1 KB
3	aufp.io aufp.io	9 KB
3	google.de www.google.de	627 B
3	aralego.com hb.aralego.com sync.aralego.com	910 B
3	googleapis.com fonts.googleapis.com	5 KB
2	eyeota.net ps.eyeota.net	2 KB
2	avct.cloud 2 redirects ads.avct.cloud	894 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	adgrx.com cm.adgrx.com	816 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	imrworldwide.com 2 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	427 B
2	bluekai.com 1 redirects tags.bluekai.com	650 B
2	smartadserver.com 2 redirects sync.smartadserver.com	1 KB
2	weborama.fr 2 redirects idsync.frontend.weborama.fr	672 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	tidaltv.com 2 redirects sync.tidaltv.com	792 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	mookie1.com odr.mookie1.com	430 B
2	rlcdn.com api.rlcdn.com ats.rlcdn.com	61 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1 KB
2	360yield.com 2 redirects ad.360yield.com	682 B
2	fontawesome.com use.fontawesome.com	85 KB
2	a-mo.net 1 redirects prebid.a-mo.net	630 B
2	sonobi.com apex.go.sonobi.com sync.go.sonobi.com	1 KB
1	cookieless-data.com js.cookieless-data.com	535 B
1	gumgum.com rtb.gumgum.com	238 B
1	playground.xyz 1 redirects ads.playground.xyz	461 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	534 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	simpli.fi um.simpli.fi	616 B
1	onaudience.com 1 redirects pixel.onaudience.com	399 B
1	iprom.net core.iprom.net	280 B
1	ad4m.at ad4m.at	915 B
1	erne.co 1 redirects green.erne.co	326 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	widespace.com engine.widespace.com	76 B
1	agkn.com 1 redirects aa.agkn.com	379 B
1	exelator.com loadeu.exelator.com	324 B
1	fwmrm.net dmp.v.fwmrm.net	411 B
1	bttrack.com bttrack.com	380 B
1	dyntrk.com gu.dyntrk.com	215 B
1	brealtime.com biddr.brealtime.com	1 KB
1	aralego.net cdn.aralego.net	1 KB
1	indexww.com js-sec.indexww.com	1 KB
1	privacymanager.io geo.privacymanager.io	593 B
1	emxdgt.com hb.emxdgt.com	157 B
1	clickfuse.com cdn.clickfuse.com	1 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	ytimg.com i.ytimg.com	25 KB
0	admanmedia.com Failed cs.admanmedia.com Failed
330	97

	Domain	Requested by
23	ids.ad.gt	4 redirects sonichits.com
18	sonichits.com	10 redirects sonichits.com
17	cm.g.doubleclick.net	14 redirects sonichits.com
15	mwzeom.zeotap.com	spl.zeotap.com
14	www.google-analytics.com	www.googletagmanager.com sonichits.com www.google-analytics.com p.ad.gt
12	image2.pubmatic.com	5 redirects ads.pubmatic.com
11	simage2.pubmatic.com	ads.pubmatic.com
11	match.adsrvr.org	8 redirects ads.pubmatic.com ssum-sec.casalemedia.com bcp.crwdcntrl.net
9	srv.tunefindforfans.com	sonichits.com srv.tunefindforfans.com
9	lastfm.freetls.fastly.net	sonichits.com
8	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com ssum.casalemedia.com
8	connect.facebook.net	p.ad.gt connect.facebook.net sonichits.com
7	www.facebook.com	sonichits.com connect.facebook.net
7	secure.adnxs.com	6 redirects ssum.casalemedia.com
6	a.audrte.com	3 redirects sync.e-planning.net a.audrte.com
6	sync-tm.everesttech.net	5 redirects spl.zeotap.com
6	event.instiengage.com	product.instiengage.com
6	ib.adnxs.com	2 redirects df80k0z3fi8zg.cloudfront.net spl.zeotap.com acdn.adnxs.com
6	ex.ingage.tech	df80k0z3fi8zg.cloudfront.net ssum-sec.casalemedia.com sync.e-planning.net
5	u-ams02.e-planning.net	sync.e-planning.net ads.pubmatic.com ssum.casalemedia.com
5	dpm.demdex.net	4 redirects ssum.casalemedia.com
5	static.instiengage.com	sonichits.com
5	img.youtube.com	sonichits.com
5	onetag-sys.com	df80k0z3fi8zg.cloudfront.net sync.e-planning.net
5	fonts.gstatic.com	fonts.googleapis.com
5	fundingchoicesmessages.google.com	sonichits.com
4	sync.mathtag.com	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	pixel.tapad.com	3 redirects spl.zeotap.com
4	ap.lijit.com	4 redirects
4	x.bidswitch.net	4 redirects
4	eus.rubiconproject.com	df80k0z3fi8zg.cloudfront.net eus.rubiconproject.com sync.e-planning.net
4	ssum-sec.casalemedia.com	1 redirects df80k0z3fi8zg.cloudfront.net ssum-sec.casalemedia.com js-sec.indexww.com
4	u.openx.net	sonichits.com df80k0z3fi8zg.cloudfront.net
4	match.prod.bidr.io	3 redirects ads.pubmatic.com
4	sync.1rx.io	4 redirects
3	sync.crwdcntrl.net	bcp.crwdcntrl.net
3	s.e-planning.net	sync.e-planning.net
3	sync.richaudience.com	1 redirects spl.zeotap.com sync.e-planning.net
3	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
3	spl.zeotap.com	df80k0z3fi8zg.cloudfront.net sync.e-planning.net ads.pubmatic.com
3	pixels.ad.gt	p.ad.gt
3	token.rubiconproject.com	sonichits.com eus.rubiconproject.com
3	trc.taboola.com	1 redirects sonichits.com spl.zeotap.com
3	pp.d2-apps.net	sonichits.com
3	p.ad.gt	a.ad.gt
3	aufp.io	a.ad.gt
3	www.google.de	sonichits.com
3	www.google.com	sonichits.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	a.ad.gt	srv.tunefindforfans.com
3	fonts.googleapis.com	sonichits.com client
3	ads.pubmatic.com	d2f0uviei09pxb.cloudfront.net sync.e-planning.net ads.pubmatic.com
3	securepubads.g.doubleclick.net	sonichits.com securepubads.g.doubleclick.net
2	ps.eyeota.net
2	pixel-sync.sitescout.com	1 redirects bcp.crwdcntrl.net
2	ads.avct.cloud	2 redirects
2	ad.turn.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pr-bh.ybp.yahoo.com	ads.pubmatic.com ssum.casalemedia.com
2	image4.pubmatic.com	ads.pubmatic.com
2	cm.adgrx.com	ads.pubmatic.com ssum.casalemedia.com
2	d5p.de17a.com	2 redirects
2	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	2 redirects
2	tags.bluekai.com	1 redirects bcp.crwdcntrl.net
2	aax-eu.amazon-adsystem.com	1 redirects spl.zeotap.com
2	beacon.krxd.net	spl.zeotap.com
2	sync.smartadserver.com	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	dmp.adform.net	1 redirects spl.zeotap.com
2	pm.w55c.net	2 redirects
2	p.rfihub.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	odr.mookie1.com	spl.zeotap.com
2	ssc-cms.33across.com	df80k0z3fi8zg.cloudfront.net
2	secure-assets.rubiconproject.com	2 redirects
2	event.insticator.com	d2f0uviei09pxb.cloudfront.net
2	dh014lg6uwepv.cloudfront.net	sonichits.com
2	sync.targeting.unrulymedia.com	2 redirects
2	ad.360yield.com	2 redirects
2	use.fontawesome.com	client use.fontawesome.com
2	eua.instiengage.com	auth.instiengage.com
2	ads.us.e-planning.net	1 redirects sonichits.com
2	prebid.a-mo.net	1 redirects df80k0z3fi8zg.cloudfront.net
2	hb.aralego.com	df80k0z3fi8zg.cloudfront.net
2	ssc.33across.com	df80k0z3fi8zg.cloudfront.net
2	insticator.technoratimedia.com	df80k0z3fi8zg.cloudfront.net
2	mug.criteo.com	sonichits.com
2	gum.criteo.com	1 redirects
2	confiant-integrations.global.ssl.fastly.net	d2f0uviei09pxb.cloudfront.net confiant-integrations.global.ssl.fastly.net
2	auth.instiengage.com	d3lcz8vpax4lo2.cloudfront.net auth.instiengage.com
2	geoip.instiengage.com	d3lcz8vpax4lo2.cloudfront.net product.instiengage.com
2	product.instiengage.com	sonichits.com d3lcz8vpax4lo2.cloudfront.net
1	d.turn.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	js.cookieless-data.com	s.e-planning.net
1	tags.crwdcntrl.net	s.e-planning.net
1	rtb.gumgum.com	ads.pubmatic.com
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	pixel.quantserve.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	match.taboola.com	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	ad4m.at	ads.pubmatic.com
1	green.erne.co	1 redirects
1	csync.loopme.me	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	ssum.casalemedia.com	sync.e-planning.net
1	sync.aralego.com	cdn.aralego.net
1	rtb.openx.net	sync.e-planning.net
1	pixel.sitescout.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	engine.widespace.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	bttrack.com	ssum-sec.casalemedia.com
1	gu.dyntrk.com	ssum-sec.casalemedia.com
1	sync.go.sonobi.com
1	sync.technoratimedia.com
1	acdn.adnxs.com	df80k0z3fi8zg.cloudfront.net
1	biddr.brealtime.com	df80k0z3fi8zg.cloudfront.net
1	ad-cdn.technoratimedia.com	df80k0z3fi8zg.cloudfront.net
1	cdn.aralego.net	df80k0z3fi8zg.cloudfront.net
1	js-sec.indexww.com	df80k0z3fi8zg.cloudfront.net
1	sync.e-planning.net	df80k0z3fi8zg.cloudfront.net
1	geo.privacymanager.io	ats.rlcdn.com
1	ats.rlcdn.com	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	cms.instiengage.com	product.instiengage.com
1	b2c.instiengage.com	product.instiengage.com
1	htlb.casalemedia.com	df80k0z3fi8zg.cloudfront.net
1	tag.1rx.io	df80k0z3fi8zg.cloudfront.net
1	hb.emxdgt.com	df80k0z3fi8zg.cloudfront.net
1	apex.go.sonobi.com	df80k0z3fi8zg.cloudfront.net
1	insticator-d.openx.net	df80k0z3fi8zg.cloudfront.net
1	df80k0z3fi8zg.cloudfront.net	d2f0uviei09pxb.cloudfront.net
1	b2c.insticator.com	d2f0uviei09pxb.cloudfront.net
1	geoip.insticator.com	d2f0uviei09pxb.cloudfront.net
1	d2f0uviei09pxb.cloudfront.net	d3lcz8vpax4lo2.cloudfront.net
1	cdn.clickfuse.com	sonichits.com
1	d3lcz8vpax4lo2.cloudfront.net	sonichits.com
1	www.googletagmanager.com	sonichits.com
1	i.ytimg.com	sonichits.com
0	cs.admanmedia.com Failed
330	155

This site contains links to these domains. Also see Links.

Domain
www.lyricfind.com
www.facebook.com
www.twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-05` - `2022-09-04`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.instiengage.com Sectigo RSA Organization Validation Secure Server CA	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.clickfuse.com Amazon	`2021-10-24` - `2022-11-21`	a year	crt.sh
srv.tunefindforfans.com Amazon	`2021-09-29` - `2022-10-28`	a year	crt.sh
*.insticator.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-11` - `2022-08-25`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2021-07-15` - `2022-07-18`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2021-11-26` - `2022-02-24`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
aufp.io Amazon	`2021-11-26` - `2022-12-24`	a year	crt.sh
*.d2-apps.net GlobalSign RSA OV SSL CA 2018	`2021-02-12` - `2022-03-16`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.e-planning.net R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.dyntrk.com R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
widespace.com R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.audrte.com Amazon	`2021-01-26` - `2022-02-24`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.iprom.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
js.cookieless-data.com R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
*.eyeota.net R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh

This page contains 46 frames:

Primary Page: https://sonichits.com/
Frame ID: 526140C184BD91A3F66CE236E60DC4D2
Requests: 122 HTTP requests in this frame

Frame: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Frame ID: 0FA06CA6C005B4B961945F46B85588B7
Requests: 25 HTTP requests in this frame

Frame: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Frame ID: DF03E2BCBAC10BAEA04A97A47EB7ED6E
Requests: 25 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: B6CC31E48247D121FB190DBA8721E202
Requests: 3 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: DFEAAD1F6106BF31C85865307B0FA6CF
Requests: 1 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Frame ID: A2E717098D998ABA38DF77A9FEEB7EB8
Requests: 17 HTTP requests in this frame

Frame: https://b2c.instiengage.com/v3/pages/usertracking
Frame ID: CCE905EC30B040D5895B8697EB84A9F0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B9473A30764DACF586AA0B603331A983
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
Frame ID: 05293CDADA47D35613E99DB7431EC05A
Requests: 10 HTTP requests in this frame

Frame: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Frame ID: 1A8A5ECF2C1C9C4E8B62504B59F59E56
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1AB164BA87AB2F0B4566846549FF4ADB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 8AB8315A42BB0CECE45E6F5751F84C90
Requests: 2 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Frame ID: CC344AD7C20AAB77C6E321FA801BE94B
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 6470D8F6757D03A54C24E91D4AA1ADC4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: 1F83A64EA0225C79E71E5A51C16B370A
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D33XUSERID33X
Frame ID: 43E52AA9056534A2F5EAFCD2A579AB02
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6EC7B8B4A09D966AFADD7A01D7ABF8C5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1638242032452
Frame ID: 7B658D1A1CCC059197A1C88EDA91BEA8
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 89DA4B74C332C8DA7ECCECF9FADC1F1A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5649f68000b2f63
Frame ID: 58104BAEB5B5F9C9A6587E59C3E2DB08
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8845FC1AB2DEC2F876C02B9F77956E15
Requests: 2 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: E041A9C25526CB4D63B3B1F2D0417E00
Requests: 28 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://sonichits.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0E462CCE295A7A7EAB8653F46ED22C2E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 154A2787DDCF5767478CA1F5FC6F4C4C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Frame ID: 806FC0437C346B0AED93D7FB2B48F181
Requests: 23 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D
Frame ID: 4521436DE53698558BF0FAA7BC3ED876
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 39D491127CAFE86C86990EA91CE7C14A
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: CE3669BDE0B36C37D794370832B59938
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=204A8A74-7C40-464A-837C-6826C42325CA
Frame ID: 6CADF639B2ABD9CB6725F4436D5E2E93
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1329858896597773705
Frame ID: E4B8CD04BE829DE5D8CD898F345598E4
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7AE341326E9FA85BC6CB1E6CD45F9EE4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036195967558482059
Frame ID: C96D7345F17D49BA0C022E6734D79E30
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaWW9AAIVQbjNABR&gdpr=0&gdpr_consent=&_test=YaWW9AAIVQbjNABR
Frame ID: 07ECEEDE24B5D85A1F38AE4A305F9C7E
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 8907CFDBB3EDC0470EB2FBE982F704CF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 7DFEA9D1A88D3F50AA3F45694EF7EC04
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NNanEyrK70Y0CmUnG7wMX5sh
Frame ID: 7C3075A08773631DB1C02A53F8733279
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-04db035f-b74a-453f-8db7-81177f6b382e-003
Frame ID: 1BCCCC31C4C2271C14711ED567D5772B
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: DFA6F1C62105E6C82B7EBF15382FF3DF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4E38974934ADA4F41AB5445DDF821839
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 1CEEA80EE0C8AC62F9E311801846A2B7
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bf782a62-2597-4fe6-9230-c36e609c797b-tuct89f1c74&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 5EE4180C3E38C40F46DE0EBD897B9A2C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EEE199B9C83A67CF0D3A1B1AABCE89E4
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=53fc3b21b0553aaa&uid=204A8A74-7C40-464A-837C-6826C42325CA
Frame ID: E9CBF75555501424CD64B4A9BB0D4BC6
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 7823FDA2FA0F831F39B87CC26906F2D1
Requests: 2 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/eplanning/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=AJW33gWmCu8hm3g6
Frame ID: 9BDA3356CAACECB516205B0245EA0EC5
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=649217778/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Frame ID: 211766E5AE1064FBBC255519267CB8D2
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SonicHits | Lyrics, Song Meanings, Music Videos, Full Albums & Artist Biographies

Page URL History Show full URLs

http://sonichits.com/ HTTP 301
https://sonichits.com/ Page URL

Page Statistics

330
Requests

73 %
HTTPS

26 %
IPv6

97
Domains

155
Subdomains

108
IPs

13
Countries

2931 kB
Transfer

7152 kB
Size

145
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.lyricfind.com/
Title: LyricFind

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sonichits

Search URL Search Domain Scan URL

URL: http://www.twitter.com/sonichits

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sonichits.com/ HTTP 301
https://sonichits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://sonichits.com/artist_image/QWRlbGU=/MDIxYWRhNmVkNGE2NTg3YWQ4NGE1YzYwZmQ3ODFiZTk=/extralarge HTTP 301
https://lastfm.freetls.fastly.net/i/u/300x300/d9ba3ec67df9e4de0e01f31f0619328f.webp

Request Chain 31

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsonichits.com%2F&domain=sonichits.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=RNJ7k3w0M2d6aDVmKzJXeHFrMGFLeWdTWG9qSFYzYkIvVWI4aysvYjBteW5TdlNCcXYxNURsOVFXcmdjaVA5SGxlT1M0clJSdk1MVWVUTVNYYjNIZ1pTSzBkTURuNmZMcjIvZStPay82dUpTZ1ljWGhBNDR3bGVRVlJ4L2RxNUdlK0Zyc0R1akliRlFsbXBtUmJ1NnNxc0NkOHdYS3Q5cHVjU296MlB3YytqaWJFcWUwV3BFN2lEWnN5bTBkRU9SRzVXdlJUa01nbXdEMVhraklFNnNQWldBNWRELzBXZ2NzSEhwOENvaFR3cUtKZmQ0PXw&cppv=2

Request Chain 57

https://ads.us.e-planning.net/pbjs/1/25987/1/sonichits.com/ROS?rnd=0.24682690552120357&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsonichits.com%2F HTTP 302
https://ads.us.e-planning.net/hb/1/25987/1/sonichits.com/ROS?ct=1&r=pbjs&rnd=0.24682690552120357&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsonichits.com%2F

Request Chain 86

https://sonichits.com/artist_image/VGF5bG9yIFN3aWZ0/MGNlZTZkN2U5YjZmYjIwNzc2NTZhYzM0NDVmMzQ1YjE=/extralarge HTTP 301
https://lastfm.freetls.fastly.net/i/u/300x300/9f4836d41c1f610e6a95f1038d586224.jpg

Request Chain 87

https://sonichits.com/artist_image/QnJ1bm8gTWFycw==/MGM3Nzk5MTllMzYwODM1MTU0ZTIyNmMxZDBmNGMzZWE=/extralarge HTTP 301
https://lastfm.freetls.fastly.net/i/u/300x300/4bfadda18a4e26e7558c6330ec13d12a.webp

Request Chain 88

https://sonichits.com/artist_image/TGlsIE5hcyBY/M2YyZTA5ZmJiZTM1NWU1OGEzODllNTk1NDk0ZWM4ZWQ=/extralarge HTTP 301
https://lastfm.freetls.fastly.net/i/u/300x300/80e9af6984f5dab787c87ddd5c11a867.webp

Request Chain 89

https://sonichits.com/artist_image/RG9qYSBDYXQ=/ZGIzMzZlZjNhYTg0NmJkZTYyZDdkNTkwZjM1NmQ2YTA=/extralarge HTTP 301
https://lastfm.freetls.fastly.net/i/u/300x300/6a520a662b0d30646781d03ade00625a.webp

Request Chain 90

https://sonichits.com/artist_image/T2xpdmlhIFJvZHJpZ28=/NjlhODE3NTljOWRmM2Y2MjMxMzk2MTE5YzU5YTA2MDI=/extralarge HTTP 301
https://lastfm.freetls.fastly.net/i/u/300x300/9da8add22ca31771a440d2a6f7615f6d.webp

Request Chain 91

https://sonichits.com/artist_image/VGhlIEtpZCBMQVJPSQ==/NTJmMDZmMzc3MmE1Y2MzNjBjMGNhYzFjNjMyOTY0MmU=/extralarge HTTP 301
https://lastfm.freetls.fastly.net/i/u/300x300/36368d6fb0f926b10057d4b4778daf32.webp

Request Chain 92

https://sonichits.com/artist_image/QmlsbGllIEVpbGlzaA==/NTg0MDI0M2UxMjdmODFlNjM2NTZjNjUzZGNhZDdhODE=/extralarge HTTP 301
https://lastfm.freetls.fastly.net/i/u/300x300/ee8173de0f04cbbb282fc62a5583fda9.webp

Request Chain 93

https://sonichits.com/artist_image/VGhlIFdlZWtuZA==/MzUyYmVhNWM3N2QwOTcyNmM3NGQwNzNlMDM2YTdhYTg=/extralarge HTTP 301
https://lastfm.freetls.fastly.net/i/u/300x300/dfd01019404313399f77999285f78aa9.webp

Request Chain 109

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&adnxs_id=1499637864729228157

Request Chain 110

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=f33a3d04-0a20-4aaa-9f92-ee2f823492b3 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=f33a3d04-0a20-4aaa-9f92-ee2f823492b3 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3

Request Chain 111

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=86664EF0-791C-47DE-8D3D-8FA1018D7E9D&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&google_gid=CAESENA_Pz7B9WA92hNQtW0iSh4&google_cver=1&google_ula=450542624,0

Request Chain 113

https://ids.ad.gt/api/v1/g_hosted?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZjMzYTNkMDQtMGEyMC00YWFhLTlmOTItZWUyZjgyMzQ5MmIz

Request Chain 115

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3 HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=27369775413816376110146659282807109481&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3

Request Chain 119

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=08122270-f26d-4235-bc7a-3e94fe779092&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=08122270-f26d-4235-bc7a-3e94fe779092&adnxs_id=1499637864729228157

Request Chain 120

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=08122270-f26d-4235-bc7a-3e94fe779092 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=08122270-f26d-4235-bc7a-3e94fe779092 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=08122270-f26d-4235-bc7a-3e94fe779092

Request Chain 121

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D08122270-f26d-4235-bc7a-3e94fe779092 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D08122270-f26d-4235-bc7a-3e94fe779092 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=204A8A74-7C40-464A-837C-6826C42325CA&id=08122270-f26d-4235-bc7a-3e94fe779092

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=08122270-f26d-4235-bc7a-3e94fe779092 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=08122270-f26d-4235-bc7a-3e94fe779092&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=08122270-f26d-4235-bc7a-3e94fe779092&google_gid=CAESEA4ekCrR1AmDLLhLw0RrMJE&google_cver=1&google_ula=450542624,0

Request Chain 123

https://ids.ad.gt/api/v1/g_hosted?id=08122270-f26d-4235-bc7a-3e94fe779092 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDgxMjIyNzAtZjI2ZC00MjM1LWJjN2EtM2U5NGZlNzc5MDky

Request Chain 125

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ids.ad.gt/api/v1/impr_match?id=08122270-f26d-4235-bc7a-3e94fe779092&impr_uid=2c557bcc-25d1-47e0-a83b-570bb85f9327

Request Chain 126

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26unruly_id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/audigent/0?zcc=1&dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26unruly_id%3D%5BRX_UUID%5D&cb=1638242033246 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-04db035f-b74a-453f-8db7-81177f6b382e-003?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26unruly_id%3DRX-04db035f-b74a-453f-8db7-81177f6b382e-003 HTTP 302
https://ids.ad.gt/api/v1/unruly?id=08122270-f26d-4235-bc7a-3e94fe779092&unruly_id=RX-04db035f-b74a-453f-8db7-81177f6b382e-003

Request Chain 132

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&adnxs_id=$UID HTTP 302
https://ids.ad.gt/api/v1/match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&adnxs_id=1499637864729228157

Request Chain 133

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=60cc6507-658f-4b04-9ef8-8fa17d9aacf1 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1

Request Chain 134

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D60cc6507-658f-4b04-9ef8-8fa17d9aacf1 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=204A8A74-7C40-464A-837C-6826C42325CA&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1 HTTP 302
https://ids.ad.gt/api/v1/g_match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&google_gid=CAESEA4ekCrR1AmDLLhLw0RrMJE&google_cver=1&google_ula=450542624,0

Request Chain 136

https://ids.ad.gt/api/v1/g_hosted?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NjBjYzY1MDctNjU4Zi00YjA0LTllZjgtOGZhMTdkOWFhY2Yx

Request Chain 138

https://ids.ad.gt/api/v1/rub?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1 HTTP 302
https://token.rubiconproject.com/token?pid=50242&puid=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&gdpr=0

Request Chain 139

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1 HTTP 303
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&_bee_ppp=1 HTTP 303
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=ACB3BU7DSy4AACo9jHsDFQ&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1

Request Chain 192

https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1

Request Chain 198

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator

Request Chain 207

https://x.bidswitch.net/sync?ssp=insticator&custom_data=5721953d-9d5b-40ae-88b6-e6eaac5b9422 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=insticator&custom_data=5721953d-9d5b-40ae-88b6-e6eaac5b9422 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8535d9e1-fab2-4fd7-8092-f8af213b6c64&ssp=insticator&gdpr=&gdpr_consent=

Request Chain 208

https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D HTTP 302
https://ex.ingage.tech/v1/sync/amx/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=18582f18-3977-4dba-96ec-24b23aee269b&gdpr=0

Request Chain 211

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://ex.ingage.tech/v1/sync/sovrn/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=811336cca82ee4699fb6154b

Request Chain 213

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3De9f6dbc5959c14ee%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3De9f6dbc5959c14ee%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=e9f6dbc5959c14ee&uid=811336cca82ee4699fb6154b

Request Chain 216

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaWW9P3WdfZdihPmS2mg8wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK-Pbe5FPX_cgBskvs2UzGc&google_cver=1&gdpr=1

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBDdrmgJuXD_Bh9zxikOBsQ&google_cver=1

Request Chain 219

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB&dcc=t

Request Chain 220

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1920574142287785909

Request Chain 222

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=pZbEWWSB1MRTAE5&gdpr=1

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEEegfEcZxq6oCgJssPGBc0s&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Request Chain 228

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=45189448-e9f8-4288-9aec-2dfb1e4a1612&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Request Chain 230

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Request Chain 233

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=204A8A74-7C40-464A-837C-6826C42325CA&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Request Chain 234

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=19937ff7-8879-4232-a5a5-a7002f27665e&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 235

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=749bc7fb-c9af-43dd-556e-949ae0e22221&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=27369775413816376110146659282807109481&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Request Chain 237

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7036195967558482059&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Request Chain 238

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=749bc7fb-c9af-43dd-556e-949ae0e22221 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=749bc7fb-c9af-43dd-556e-949ae0e22221

Request Chain 239

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=749bc7fb-c9af-43dd-556e-949ae0e22221&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=749bc7fb-c9af-43dd-556e-949ae0e22221&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361&bounce=1&random=2914794186 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=Knt2pZcuuf.ITR4mZBsQvu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Request Chain 240

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361&cklb=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=

Request Chain 241

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=749bc7fb-c9af-43dd-556e-949ae0e22221?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=749bc7fb-c9af-43dd-556e-949ae0e22221?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=5add69d7d1f9ced71d7610b9271076fa&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Request Chain 242

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-DXfpGpVE2ordqZo.srcX5Z5Qmu1RufhJzA--~A&zpartnerid=570&env=mWeb

Request Chain 243

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=NZzY1EoA079tjhu3Kzw24fnBUm5Bbg7M%2BS41iYitP1U%3D

Request Chain 247

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361&_test=YaWW9AAIai8Q0wBG

Request Chain 249

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Request Chain 250

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=749bc7fb-c9af-43dd-556e-949ae0e22221&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=749bc7fb-c9af-43dd-556e-949ae0e22221&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361&dcc=t

Request Chain 251

https://tags.bluekai.com/site/87734?id=749bc7fb-c9af-43dd-556e-949ae0e22221&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

Request Chain 252

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Request Chain 253

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D53fc3b21b0553aaa HTTP 302
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=53fc3b21b0553aaa

Request Chain 258

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D53fc3b21b0553aaa HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F

Request Chain 259

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D53fc3b21b0553aaa%26uid%3D%24UID HTTP 302
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=53fc3b21b0553aaa&uid=1499637864729228157

Request Chain 263

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 271

https://c1.adform.net/serving/cookie/match?party=14&cid=204A8A74-7C40-464A-837C-6826C42325CA HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=204A8A74-7C40-464A-837C-6826C42325CA

Request Chain 272

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1329858896597773705

Request Chain 274

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036195967558482059

Request Chain 275

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YaWW9AAIVQbjNABR HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaWW9AAIVQbjNABR&gdpr=0&gdpr_consent=&_test=YaWW9AAIVQbjNABR

Request Chain 276

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUNCM0JVN0RTeTRBQUNvOWpIc0RGUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 277

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 278

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NNanEyrK70Y0CmUnG7wMX5sh

Request Chain 279

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8386837721 HTTP 302
https://sync.1rx.io/usersync/tradedesk/7fed5bb0-88f2-48f6-ab21-42aa630a8387 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-04db035f-b74a-453f-8db7-81177f6b382e-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-04db035f-b74a-453f-8db7-81177f6b382e-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-04db035f-b74a-453f-8db7-81177f6b382e-003

Request Chain 283

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bf782a62-2597-4fe6-9230-c36e609c797b-tuct89f1c74&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 284

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IEqKdHxARkqDfGgmxCMlyg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 287

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2bf161a5-96f4-4000-a3e0-bde7f264dc61

Request Chain 288

https://pixel.onaudience.com/?partner=214&mapped=204A8A74-7C40-464A-837C-6826C42325CA HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=c56ac35b42323833

Request Chain 289

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjA0QThBNzQtN0M0MC00NjRBLTgzN0MtNjgyNkM0MjMyNUNB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHH96S6dE8nBOWyM9HMEVcU&google_cver=1

Request Chain 292

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b85261a5-96f4-4800-9343-4b75fdab7c03&gdpr=0&gdpr_consent=

Request Chain 293

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8916238368866614867

Request Chain 294

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7fed5bb0-88f2-48f6-ab21-42aa630a8387

Request Chain 295

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1499637864729228157&gdpr=0&gdpr_consent=

Request Chain 296

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iSHW24Ym0dqSKIHZ3SKa2Id00deSKdTdiyZm_Sb4

Request Chain 298

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=204A8A74-7C40-464A-837C-6826C42325CA&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=204A8A74-7C40-464A-837C-6826C42325CA&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-e5gRCmtE2uVKD7Qf4.wZtlFgrj1I0mk-~A&gdpr=0&gdpr_consent=

Request Chain 299

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2812522333820147681&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 300

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=9f863214-4ec6-4ef8-b97f-1d0b1210f6ae&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8535d9e1-fab2-4fd7-8092-f8af213b6c64&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 302

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 303

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:37386c78-08d3-439a-979f-9fd3634bdcab&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 304

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1499637864729228157

Request Chain 306

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D97e31900-6a39-46b3-67db-12b67d1e5a7e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=97e31900-6a39-46b3-67db-12b67d1e5a7e&zdid=1361

Request Chain 309

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2596349551706363873

Request Chain 310

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1aee61a5-96f4-4400-ab12-4bd646cf2d8c&gdpr=1&gdpr_consent=

Request Chain 311

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YaWW9AAIakgQ8gBG HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YaWW9AAIakgQ8gBG&gdpr=1&_test=YaWW9AAIakgQ8gBG

Request Chain 313

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1992631735042310040

Request Chain 324

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2d8ksXjiODPQMaX94UD3YZG5g&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2d8ksXjiODPQMaX94UD3YZG5g&gdpr=0&gdpr_consent=&google_gid=CAESEKNvAKVAPDyXEjBGeS8F_A8&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 325

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=8916238368866614867 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEKNvAKVAPDyXEjBGeS8F_A8&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=2d8ksXjiODPQMaX94UD3YZG5g&gdpr=0&gdpr_consent=

Request Chain 329

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/5add69d7d1f9ced71d7610b9271076fa/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2812522333820147681

Request Chain 330

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=b85261a5-96f4-4800-9343-4b75fdab7c03

Request Chain 332

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=5add69d7d1f9ced71d7610b9271076fa&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=27369775413816376110146659282807109481

330 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sonichits.com/
Redirect Chain

http://sonichits.com/
https://sonichits.com/

400 KB
67 KB

537ms
518ms

Document
text/html

2606:4700:20::681a:22c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9633965ce8f46deaf3a3e17656911560f011de263428843616851b11a3a4f3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 30 Nov 2021 03:13:51 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=1209600
pragma: cache
expires: Tue, 14 Dec 2021 03:13:51 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDcTIidmv%2FnPD19n4iKANNNPz%2Fy63b9heS4DBQlXaAV81lViWzvcpYdWPHWCjflz8pQaXa%2F2NkcmAv%2BVMrIr0%2BvH7br1BgNYem5OiAC7r23SiMYG8vJ6PYvJ6NCbS98bzhURtwlxue4jx%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b60e6f739351f39-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Tue, 30 Nov 2021 03:13:51 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://sonichits.com/
Cache-Control: max-age=600
Expires: Tue, 30 Nov 2021 03:23:51 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfhsIAW7KjIc1aQ7j%2F8CyB987SnEy1kvipsD5M55vM2VNixkLFpo43CfQ59dcnYBhKhLBJvbNURIzJ4Kias1jPF8ZoGR0%2B8j6zCuWasGKXG1GRgH7HeSN%2Fie2l86slRprmRvdxhhHUZgpZs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6b60e6f5abf0695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/U3ASj1L6_sY/ 24 KB
25 KB 35ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/U3ASj1L6_sY/sddefault.jpg

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c49ddbe61a20ded1cbf1a8e61c2d3bf9e7390a7a328d3edad78ede328dc094ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:06:18 GMT
x-content-type-options: nosniff
age: 453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24818
x-xss-protection: 0
server: sffe
etag: "1634220258"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 05:06:18 GMT

GET
H2 200 fbda09f1-2c7e-4d13-b979-9446a67e7d25.js Show response
product.instiengage.com/product-loader-code/ 12 KB
4 KB 49ms
7ms Script
application/javascript 2600:9000:223d:4400:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://product.instiengage.com/product-loader-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:4400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: U2OtfTWOSHvj3rXdu2HKyOUJbBCpHIUn
content-encoding: br
last-modified: Fri, 19 Nov 2021 16:37:52 GMT
server: AmazonS3
age: 3216
etag: W/"3e178191a86d02cb48d2376422824cdd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
date: Tue, 30 Nov 2021 02:20:19 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: aFGmcZuTFXy1_D8pWxVerGJUzqAAIuQ9tWGiOPtY-n_Uy8rGWN38PQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 38ms
18ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48241384-2

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d00b9c8f0714e2ef8ce2ebe8b6c9d0e70a12b8c79000e32d34841d290e1b704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36160
x-xss-protection: 0
expires: Tue, 30 Nov 2021 03:13:51 GMT

GET
H2 200 / Show response
sonichits.com/js/ 331 KB
85 KB 34ms
34ms Script
text/javascript 2606:4700:20::681a:22c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sonichits.com/js/?v=1636681992
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59fce0e5467af585c1a1a438682aa4eefc9b8d7c2dedd34ca408057d6e69366f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1554926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: cache
last-modified: Fri, 12 Nov 2021 03:18:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fxj%2FfBUWDMZSMRlymP0ah%2FMz48O4b1Xf0gOALb2Wrcb5kB6%2ByrkE%2BJ10NfBQLOedvPV%2FGmewHVfAxyamV4eqO3IXEb0I5JQ4C4SPCQL0J%2BoSg3qCva7LwdLaaCIbIU0fGzBpnjJInCXI87c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 6b60e6faeb411f39-FRA
expires: Sat, 12 Nov 2022 03:18:25 GMT

GET
H2 200 fbda09f1-2c7e-4d13-b979-9446a67e7d25.js Show response
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 13 KB
5 KB 37ms
11ms Script
application/javascript 2600:9000:223f:4400:1c:386f:ec80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4400:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86dd570752bafa5a29624133d5ff48bdc260fead7847a5863180dad5f6615674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: ccVayOqzQYUDp8p0pa.U4IqWXMuz_tF8
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 15:45:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: W/"3b6cdde34216d9e29853f1a75befe6e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: max-age=60
date: Tue, 30 Nov 2021 03:13:51 GMT
x-amz-cf-id: YfOruR-TdyK0IE7ztolKkDHTgWNhdcWCmcRzeoV5oAdtrzXNlPTA1Q==

GET
H2 200 AGSKWxWNmYbyOIjq6k37UAGcxdmWhzyoc-5NKtBmkD5AI5q3kLey80Sxu_XDCBCPJ6BG7nDNc2ZYgzWx10mB_Mwt0ls= Show response
fundingchoicesmessages.google.com/f/ 76 KB
28 KB 62ms
37ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWNmYbyOIjq6k37UAGcxdmWhzyoc-5NKtBmkD5AI5q3kLey80Sxu_XDCBCPJ6BG7nDNc2ZYgzWx10mB_Mwt0ls=

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e5986ee59b10376300a1640b779775bad0107e542099146c4d32db688b749c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aUlmxj9mQo6lRbzhn1zyLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-aUlmxj9mQo6lRbzhn1zyLg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-aUlmxj9mQo6lRbzhn1zyLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-aUlmxj9mQo6lRbzhn1zyLg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48241384-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 764
date: Tue, 30 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 05:01:07 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 45ms
19ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1059 / 995 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Nov 2021 03:13:51 GMT

GET
H/1.1 200
OK close_48.png
cdn.clickfuse.com/overlay/images/ 788 B
1 KB 42ms
7ms Image
image/png 18.66.139.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clickfuse.com/overlay/images/close_48.png
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d685aacbfdc4b9019d05c149697b612f4dac768d20fbb40d38b461943cd5dd7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 18:19:35 GMT
Via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 16 Oct 2018 21:35:47 GMT
Server: AmazonS3
Age: 72561
ETag: "1fd77d0889e08c6dbafaefd2a12f77cc"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public max-age=31536000
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Length: 788
X-Amz-Cf-Id: F3yAhX94J87-o8evUDbw4cA-QDiJ83W1otAgszmKTR1KTuyBrlEA0A==

GET
H2

200

d9ba3ec67df9e4de0e01f31f0619328f.webp
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain

https://sonichits.com/artist_image/QWRlbGU=/MDIxYWRhNmVkNGE2NTg3YWQ4NGE1YzYwZmQ3ODFiZTk=/extralarge
https://lastfm.freetls.fastly.net/i/u/300x300/d9ba3ec67df9e4de0e01f31f0619328f.webp

12 KB
13 KB

35ms
6ms

Image
image/webp

2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lastfm.freetls.fastly.net/i/u/300x300/d9ba3ec67df9e4de0e01f31f0619328f.webp
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 2a04:4e42::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty/1.7.7.2 /
Resource Hash: e900c287990a184ada05b2ab5dfc5600edfeef24b2296c57ea8ad43f9ca55ffd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
via: 1.1 varnish
age: 2169119
x-cache: HIT
content-length: 12668
x-served-by: cache-fra19151-FRA
server: openresty/1.7.7.2
x-timer: S1638242032.266562,VS0,VE1
etag: "0e6e895c1364be36b3e0d29bce50f68c406adb12"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=311040000; public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

Redirect headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Chn%2Fq4Kj7Wk0cFmIVu8QygFiQIkQ3WpicTYwAl9kVJglbM2%2BZq05lhaF1Q8qg%2BQ9jcZ19v2hlYJzTftwx5jCSjIFH7ONWXINt0H%2B8swfo1jLxCG3Gk%2BwusVukU9Qj19sYck9Jk0rSoUYKp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://lastfm.freetls.fastly.net/i/u/300x300/d9ba3ec67df9e4de0e01f31f0619328f.webp
cache-control: public, max-age=1209600
cf-ray: 6b60e6fb4b937022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 03:13:52 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d614d0c48799621b4301a34a64082f6adbe66439a52aa5ab2541c1704ea43f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c06789e2affc2b5ecfdfb35d1cc9f2d766bdd995cb10d9e7257609503e282aa4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 tf.php Show response
sonichits.com/ Frame 0FA0 814 B
1 KB 354ms
354ms Document
text/html 2606:4700:20::681a:22c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc63e334260bb52af4b1e62cd5f168f4d81793cf65bd2c3e075e24b38917c513

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=3153600000
pragma: cache
expires: Thu, 06 Nov 2121 03:13:52 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dOWbkZc6LwgcuL5x%2F%2BUUaIAFxq7IVutbjgz5VHRnxlln1PhYrQb98KK%2FUBDs4oKKLz64I2cQ%2FgB5OPdJUE9t060vD5f0yq8KMLD9N1PY0gGKy7%2FmQmm2F0YBvruYKfMJ2kbp3%2B5TjNZHTM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b60e6fb6bbc7022-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 tf.php Show response
sonichits.com/ Frame DF03 814 B
1 KB 338ms
338ms Document
text/html 2606:4700:20::681a:22c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdeb3227bb247409d0c89005c1dbb348c44063cac8c3c8fa7284f7f5b9b47983

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=3153600000
pragma: cache
expires: Thu, 06 Nov 2121 03:13:52 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKGPlmRQgWehBAQ3qC8ef0nA%2FhL9bMEqDEP87H7ukGq1FfNVmqd%2Bvn2cT1mh6%2B6Mt1EJgTutwqLLXNx%2FOKt89dTGyeQGQAC3VdwysU%2BWDoxClxoFotqgBgPuwJujQ6VjmjB6%2BVQuH%2F5kyHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b60e6fb9bf67022-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 356 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ea321d799e3ff43961ab684a14e65597b43c744a90238064f9bfc8e3c626916

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 22557fe2-2053-4345-90b4-a57ecf7c3b8b.js Show response
d2f0uviei09pxb.cloudfront.net/header-tags/fbda09f1-2c7e-4d13-b979-9446a67e7d25/ 118 KB
23 KB 40ms
11ms Script
application/javascript 2600:9000:223e:ce00:3:f434:dfc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2f0uviei09pxb.cloudfront.net/header-tags/fbda09f1-2c7e-4d13-b979-9446a67e7d25/22557fe2-2053-4345-90b4-a57ecf7c3b8b.js
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ce00:3:f434:dfc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1eaac347af004baa3ab96aad9668ccdfa3eba7d27edd66147a3476b8041f5d93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: EBiwpAETEWBt1.fxu2u6bxcb1tW4EsIw
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"c3da531704887d940cca0aa7f65f2b54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8a6f67a9421de326f43e9107751b580f.cloudfront.net (CloudFront)
cache-control: max-age=60
date: Tue, 30 Nov 2021 03:13:51 GMT
x-amz-cf-id: tpkC0kYqh1TerUOE7KJwrAQN-xZggMgq5XuJbqz7KKlZUmba1UJ7TQ==

GET
H2 200 / Show response
geoip.instiengage.com/json/ 241 B
425 B 305ms
96ms XHR
application/json 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.instiengage.com/json/
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash: a1e761d1dcc9473463928503048ffe6e0a6470aea6ede5f70ae24652f4aae460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:52 GMT
access-control-allow-credentials: true
x-database-date: Mon, 29 Nov 2021 16:46:58 GMT
content-length: 241
vary: Origin
content-type: application/json

GET
H2 200 index.html Show response
auth.instiengage.com/auth/ Frame B6CC 73 B
438 B 21ms
8ms Document
text/html 2600:9000:223d:4400:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.instiengage.com/auth/index.html
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:4400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

content-type: text/html
content-length: 73
last-modified: Thu, 28 Oct 2021 14:58:38 GMT
x-amz-version-id: Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Nov 2021 03:12:54 GMT
etag: "d143b1e94cfb2dcb20bcad0f44fd1f0a"
x-cache: Hit from cloudfront
via: 1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: _zDY0VOTN9i7Yk-WDsvAgfnrLuUdgBFgOywnXN9NXvsu81bUBVkaKA==
age: 81

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 32ms
17ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Nov 2021 03:13:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 161 B
136 B 29ms
15ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sonichits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f34ff9ac7f5071b46f6b062a3e6a86152a1c83288149b3dbe3bdff1d362ec857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 03:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 0
expires: Tue, 30 Nov 2021 03:13:51 GMT

POST
H3 204 AGSKWxVqNRzFScZIcYgVxKAhZtH_QIQ-MG0eE6OHpTHoan8L4Yw031AuUgTqD0Jd7uhDDbXjGCkCkbsJCCOqcJQkbwE= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 35ms
20ms XHR
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVqNRzFScZIcYgVxKAhZtH_QIQ-MG0eE6OHpTHoan8L4Yw031AuUgTqD0Jd7uhDDbXjGCkCkbsJCCOqcJQkbwE=?pvid=16EB2D4C-7CAD-49F1-97AD-4600FCEA3274&anonid=34EC75A1-4D3B-44AC-BBBC-C08C7EC07A98

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Z_dGtx7tsDI.es5.O/d=1/rs=AJlcJMybvMbYEQl87syuWh_PtLEA0pgg6g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KnEnstxtrD8FRsw8Ls7d6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KnEnstxtrD8FRsw8Ls7d6g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sonichits.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-KnEnstxtrD8FRsw8Ls7d6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KnEnstxtrD8FRsw8Ls7d6g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxV-w7dceFnd8yIVdWvBH90oV1nPfbUDVjzCZqBRu1RfY64MB9S4LG3379IpvWfMjwTecJvdBYOAhX57npF_e2A= Show response
fundingchoicesmessages.google.com/f/ 253 KB
51 KB 60ms
45ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV-w7dceFnd8yIVdWvBH90oV1nPfbUDVjzCZqBRu1RfY64MB9S4LG3379IpvWfMjwTecJvdBYOAhX57npF_e2A=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM4MjQyMDMyLDQwMDAwMDBdLCIxNkVCMkQ0Qy03Q0FELTQ5RjEtOTdBRC00NjAwRkNFQTMyNzQiLCIzNEVDNzVBMS00RDNCLTQ0QUMtQkJCQy1DMDhDN0VDMDdBOTgiLG51bGwsW251bGwsWzddLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZV0sImh0dHBzOi8vc29uaWNoaXRzLmNvbS8iLG51bGwsW11d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee8b683ae1c1a9f74e7012eb5120e1f1ca273ccdcf04b43519b92e66f031b2e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4+8V8ScJDlfRTXlYt35fiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4+8V8ScJDlfRTXlYt35fiA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-4+8V8ScJDlfRTXlYt35fiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4+8V8ScJDlfRTXlYt35fiA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apricots.js Show response
srv.tunefindforfans.com/fruits/ 18 KB
6 KB 103ms
31ms Script
text/javascript 63.32.153.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.tunefindforfans.com/fruits/apricots.js
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.153.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-153-81.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 (Amazon) /
Resource Hash: 60f3c72f3d36e2f0f90c7b618e638ef052674305ff1c6c2cc0e313a16959f8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 19:12:26 GMT
server: Apache/2.4.51 (Amazon)
etag: "476f-5d1f238a84afd-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=60, public
accept-ranges: bytes
content-length: 6175
expires: Tue, 30 Nov 2021 03:14:52 GMT

GET
H2 200 bundle.js Show response
auth.instiengage.com/auth/ Frame B6CC 76 KB
26 KB 9ms
9ms Script
application/javascript 2600:9000:223d:4400:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.instiengage.com/auth/bundle.js
Requested by: Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:4400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.instiengage.com/auth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: jkvVs5l1bdD4_CiNx2O8LCKAIlX14uq9
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:58:37 GMT
server: AmazonS3
age: 305
etag: W/"3f019eeba204464fe4c8dad30cf9150b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront)
date: Tue, 30 Nov 2021 03:09:42 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: EAxy29w5GEwcKm1yu32djX97Rok77ZHCcdLlVyyW0arPc2iUip84Zg==

GET
H2 200 / Show response
geoip.insticator.com/json/ 241 B
425 B 329ms
91ms XHR
application/json 52.202.233.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/header-tags/fbda09f1-2c7e-4d13-b979-9446a67e7d25/22557fe2-2053-4345-90b4-a57ecf7c3b8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-233-191.compute-1.amazonaws.com
Software: /
Resource Hash: a1e761d1dcc9473463928503048ffe6e0a6470aea6ede5f70ae24652f4aae460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:52 GMT
access-control-allow-credentials: true
x-database-date: Mon, 29 Nov 2021 16:46:58 GMT
content-length: 241
vary: Origin
content-type: application/json

GET
H2 200 usertracking Show response
b2c.insticator.com/v3/pages/ Frame DFEA 8 KB
3 KB 335ms
104ms Document
text/html 3.217.66.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://b2c.insticator.com/v3/pages/usertracking
Requested by: Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/header-tags/fbda09f1-2c7e-4d13-b979-9446a67e7d25/22557fe2-2053-4345-90b4-a57ecf7c3b8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.66.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-66-208.compute-1.amazonaws.com
Software: /
Resource Hash: 984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-type: text/html; charset=UTF-8
content-length: 2821
etag: 806ca33b-312c-4a27-a3bb-4adc538cf490
vary: Accept-Encoding,Origin
pragma: max-age=3600
cache-control: max-age=3600
content-encoding: gzip

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 194 KB
62 KB 31ms
7ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by: Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/header-tags/fbda09f1-2c7e-4d13-b979-9446a67e7d25/22557fe2-2053-4345-90b4-a57ecf7c3b8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4393b17628fe022ce8c6d21b408b064f8a33388a7450914c0e6e3bdaa682ffe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 20:20:19 GMT
server: Apache/2.2.15 (CentOS)
etag: "1121321-309a2-5d060d6975ec4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=130126
accept-ranges: bytes
content-type: text/javascript
content-length: 62542
expires: Wed, 01 Dec 2021 15:22:38 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 552 KB
79 KB 28ms
6ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by: Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/header-tags/fbda09f1-2c7e-4d13-b979-9446a67e7d25/22557fe2-2053-4345-90b4-a57ecf7c3b8b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b4c0abd8926c248e9cd6f9962d492e934455f339a2e24f81ad791ba4d3ebb45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 03:13:52 GMT
Content-Encoding: gzip
Age: 3214
X-Cache: HIT
Connection: keep-alive
Content-Length: 80194
x-amz-id-2: g9vZRePJZlfptlUY3N0k9JgXVnuXPbAfMi4ldFD+8VSI7gf6iHNfeY8rSPiodTg/tpistSvPdG8=
X-Served-By: cache-hhn4025-HHN
Last-Modified: Tue, 30 Nov 2021 01:56:47 GMT
Server: AmazonS3
X-Timer: S1638242032.061380,VS0,VE0
ETag: "2a81a8b201cfb6111ce07d9dce512ae6"
x-amz-request-id: 0133W1N6HKY0Y0AF
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 34

POST
H3 204 AGSKWxVqNRzFScZIcYgVxKAhZtH_QIQ-MG0eE6OHpTHoan8L4Yw031AuUgTqD0Jd7uhDDbXjGCkCkbsJCCOqcJQkbwE= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 20ms
19ms XHR
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bfukLrRRRudAbtBO+iUxtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bfukLrRRRudAbtBO+iUxtg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sonichits.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bfukLrRRRudAbtBO+iUxtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bfukLrRRRudAbtBO+iUxtg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 54 KB
4 KB 46ms
21ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.i-4BuPmtD2E.es5.O/d=1/rs=AJlcJMwBgepsL4ibn20Ri-_37p_knwbbyw/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9925babee5b2459d5c5b331cb20984e100de2511993a2d8bbca20627c8fbbaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 03:13:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 03:13:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 03:13:52 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 51ms
19ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsonichits.com%2F&domain=sonichits.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://sonichits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://sonichits.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1300
date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsonichits.com%2F&domain=sonichits.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=RNJ7k3w0M2d6aDVmKzJXeHFrMGFLeWdTWG9qSFYzYkIvVWI4aysvYjBteW5TdlNCcXYxNURsOVFXcmdjaVA5SGxlT1M0clJSdk1MVWVUTVNYYjNIZ1pTSzBkTURuNmZMcjIvZStPay82dUpTZ1ljWGhBNDR3bGVRVlJ4L2...

348 B
605 B

46ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=RNJ7k3w0M2d6aDVmKzJXeHFrMGFLeWdTWG9qSFYzYkIvVWI4aysvYjBteW5TdlNCcXYxNURsOVFXcmdjaVA5SGxlT1M0clJSdk1MVWVUTVNYYjNIZ1pTSzBkTURuNmZMcjIvZStPay82dUpTZ1ljWGhBNDR3bGVRVlJ4L2RxNUdlK0Zyc0R1akliRlFsbXBtUmJ1NnNxc0NkOHdYS3Q5cHVjU296MlB3YytqaWJFcWUwV3BFN2lEWnN5bTBkRU9SRzVXdlJUa01nbXdEMVhraklFNnNQWldBNWRELzBXZ2NzSEhwOENvaFR3cUtKZmQ0PXw&cppv=2

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9f325ee5b8aa9d31a1c54df64b110afebff39f3ac002c0e8ce5146553d00223a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 30 Nov 2021 03:13:51 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2605
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 30 Nov 2021 03:13:51 GMT
location: https://mug.criteo.com/sid?cpp=RNJ7k3w0M2d6aDVmKzJXeHFrMGFLeWdTWG9qSFYzYkIvVWI4aysvYjBteW5TdlNCcXYxNURsOVFXcmdjaVA5SGxlT1M0clJSdk1MVWVUTVNYYjNIZ1pTSzBkTURuNmZMcjIvZStPay82dUpTZ1ljWGhBNDR3bGVRVlJ4L2RxNUdlK0Zyc0R1akliRlFsbXBtUmJ1NnNxc0NkOHdYS3Q5cHVjU296MlB3YytqaWJFcWUwV3BFN2lEWnN5bTBkRU9SRzVXdlJUa01nbXdEMVhraklFNnNQWldBNWRELzBXZ2NzSEhwOENvaFR3cUtKZmQ0PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sonichits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3409
content-length: 482
expires: 0

GET
H2 200 fbda09f1-2c7e-4d13-b979-9446a67e7d25.js Show response
df80k0z3fi8zg.cloudfront.net/files/instibid/ 264 KB
75 KB 36ms
9ms Script
application/javascript 2600:9000:2251:2400:10:3422:3f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Requested by: Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/header-tags/fbda09f1-2c7e-4d13-b979-9446a67e7d25/22557fe2-2053-4345-90b4-a57ecf7c3b8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2400:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b679056fd80d4ff355b8033e31e7b88cc089d82afce7819130e6c97b62836cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 18:45:40 GMT
content-encoding: br
last-modified: Tue, 23 Nov 2021 17:18:12 GMT
server: AmazonS3
age: 30493
etag: W/"af074d7ea3ca5b255cc07a3d6c92cfd4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: X_nD8iAT80JSVr_LEITRFPyHVeCQ1Dbq
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-type: application/javascript
x-amz-cf-id: t2Mql8isQLbPHUgRo44o-MuTV5zCXVn2XBA1T0Th7_DPG8VuMFyP5w==

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/ 189 KB
60 KB 7ms
6ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 03:13:52 GMT
Content-Encoding: gzip
Age: 86
X-Cache: HIT
Connection: keep-alive
Content-Length: 61293
x-amz-id-2: +rWc6eufU5jOidbpbNf5nmNWOido4rIxQv3uw12a/d3yxJRo1iZ3OEwmGrZLUFynrCrg65zOrg4=
X-Served-By: cache-hhn4025-HHN
Last-Modified: Wed, 17 Nov 2021 21:29:49 GMT
Server: AmazonS3
X-Timer: S1638242032.150978,VS0,VE0
ETag: "cb7589d017ac65aecf6dc6f5ec17c4b7"
x-amz-request-id: 06PEXESX9KBETWN5
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 28

POST
H3 204 AGSKWxVf5c3sHrN6vPjOKH499N7ecutwikRiJL8mXr7ujFmm-qwQyiFDQJfvBV7f48N2oofvWshSxjdrp4Wp43iZsy7jso-yM0zyAG7Aqw8RcjHUkuSVeeSj294i4ZSdxcP2r28F-RZD0l8HTp6bDL8Y3tcCAeDXtc-OxitRxV0V98tNB-GxrBlQo2O6wD7i Show response
fundingchoicesmessages.google.com/el/ 0
26 B 23ms
22ms XHR
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVf5c3sHrN6vPjOKH499N7ecutwikRiJL8mXr7ujFmm-qwQyiFDQJfvBV7f48N2oofvWshSxjdrp4Wp43iZsy7jso-yM0zyAG7Aqw8RcjHUkuSVeeSj294i4ZSdxcP2r28F-RZD0l8HTp6bDL8Y3tcCAeDXtc-OxitRxV0V98tNB-GxrBlQo2O6wD7i?dmid=dc1aaa8f14ac471c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-86OkaTziwwGI1hbq5pikdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-86OkaTziwwGI1hbq5pikdw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sonichits.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-86OkaTziwwGI1hbq5pikdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-86OkaTziwwGI1hbq5pikdw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adunit.php Show response
srv.tunefindforfans.com/showads/ 1012 B
2 KB 49ms
48ms Script
text/javascript 63.32.153.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.tunefindforfans.com/showads/adunit.php?id=100004332&di=&subtag=&search=&artist=Adele&song=Easy%20On%20ME&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1638242032189
Requested by: Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.153.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-153-81.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 (Amazon) /
Resource Hash: 3f326505c910749d7aada49bc1d768e829f0388265b4bfa7e452687dad579a7b

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript;charset=UTF-8
server: Apache/2.4.51 (Amazon)
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="/w3c/p3p.xml"
content-length: 1012
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v117/ 116 KB
116 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v117/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5d100945f5ec292fa9a3bf294212c7de3a425fb856dd4016d20a28110fce02d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sonichits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 23:33:30 GMT
x-content-type-options: nosniff
age: 531622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118576
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 23:08:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 23:33:30 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 32ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sonichits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 307310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 55ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2575
date: Tue, 30 Nov 2021 03:13:51 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 204 insticator
insticator.technoratimedia.com/openrtb/bids/ Frame 0
0 352ms
92ms Preflight 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.43.4
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://sonichits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 30 Nov 2021 03:13:52 GMT
access-control-allow-headers: content-type
access-control-allow-origin: https://sonichits.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 395501979
age: 0
via: 1.1 varnish

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 216ms
190ms Preflight 2606:4700:10::6816:b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://sonichits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-length: 0
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: https://sonichits.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
access-control-max-age: 3600
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b60e6fe0df24e0d-FRA

GET
H2 200 95 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 644ms
220ms Script
application/javascript 35.163.3.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/95?url=https%3A%2F%2Fsonichits.com%2F&ref=
Requested by: Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.3.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-3-37.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: a90f1d6ff02c2baa1365d6ca82dc10bd132543edb401d866a8f73f07dc0f76f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
server: nginx/1.18.0
content-length: 3427
content-type: application/javascript

GET
H2 200 imp.php
srv.tunefindforfans.com/showads/track/ 42 B
296 B 43ms
43ms Image
image/gif 63.32.153.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.tunefindforfans.com/showads/track/imp.php?cid=99928959&aid=100004332&artist=Adele&song=Easy+On+ME&search=&b=Chrome_96&cs=1&uri=https%3A%2F%2Fsonichits.com%2F&t=1638242032&subtag=&ldmo=&av=true&atv=old
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.153.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-153-81.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 (Amazon) /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: no-cache, must-revalidate
server: Apache/2.4.51 (Amazon)
content-type: image/gif
content-length: 42
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 /
sonichits.com/css/ 55 KB
15 KB 21ms
16ms Stylesheet
text/css 2606:4700:20::681a:22c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sonichits.com/css/?t=late&v=1628571030
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f7b4bbf3e4fcea26e790ff48c8d3fdd03399979d871d05c7f22885cdb9baea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9670987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: cache
last-modified: Tue, 10 Aug 2021 04:50:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkycWhnW9Uif7rCG%2FxXL6SpOLnFAqr1bd8vRFB6qfeOlt2DL0mxTzNpMvqhYb1EC7Y5Rk%2BU2MHrq8y1IH6%2FADw599pauSZAFpnCUL5vDmjMsPNOYMX6pIbJakExq35MXE3FvCPYiFkvGheE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 6b60e6fdae3a7022-FRA
expires: Wed, 10 Aug 2022 04:50:45 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
286 B 128ms
99ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 16384d968e89d379e3838a2a082c960e5a29a74575a3f05166692dac998f38a6

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sonichits.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
157 B 128ms
99ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: bbc377325564763bfab906b0639296ebc02dd47db03c73318b0badc93a977921

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sonichits.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
695 B 22ms
8ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:52 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 811a09a7-4d3e-416a-a715-88002ae2e9b2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sonichits.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
insticator-d.openx.net/w/1.0/ 71 B
376 B 57ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsonichits.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=43e59e00-ea73-4374-81c7-75d15d78245b%2Cfefa7781-5459-4102-9454-b13c25016af3&nocache=1638242032289&pubcid=f13dc325-9290-4bde-9828-2a25a2de2948&schain=1.0%2C1!insticator.com%2Ca21f07e9-5126-46ba-b531-0e6f3057443b%2C1%2C%2C%2C&aus=320x50%2C300x250%7C300x250&divids=div-insticator-ad-1%2Cdiv-insticator-ad-2&aucs=%2C&auid=545647789%2C545647789
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 76e09afd06badcb1642b21a1258404dcc76f98972985a843f65594eb67769443

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://sonichits.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 116 B
749 B 75ms
18ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221472203d74eb5a3%22%3A%22762d5943d8c09455289e%7C320x100%2C320x50%2C300x250%22%2C%22156c77ee93048c1%22%3A%221c1541a93617ea6cc084%7C300x250%22%7D&ref=https%3A%2F%2Fsonichits.com%2F&s=20202e93-26af-4f85-9e92-fa6d24d58a07&pv=07a48f96-9012-4a12-9746-e904cd2e9e1e&vp=desktop&lib_name=prebid&lib_v=4.43.4&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22a21f07e9-5126-46ba-b531-0e6f3057443b%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22f13dc325-9290-4bde-9828-2a25a2de2948%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f13dc325-9290-4bde-9828-2a25a2de2948%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

e5b4d4544bfd79a81c0fe611143b3a1091cbfd50f5eb0026caab4fbe1966ac4b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:52 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://sonichits.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 141
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
322 B 522ms
228ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B432AEA26A786D069E96DDE27397A&tdid=&schain=1.0%2C1!insticator.com%2Ca21f07e9-5126-46ba-b531-0e6f3057443b%2C1%2C%2C%2C&eids=&pubcid=f13dc325-9290-4bde-9828-2a25a2de2948&host=sonichits.com&u=https%3A%2F%2Fsonichits.com&xr=0&ucfUid=7faff978-6cb6-4d2d-8407-ae29bed2ee3b&w=320&h=100
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:52 GMT
access-control-allow-credentials: true
connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
322 B 483ms
188ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B432AEA26A786D069E96DDE27397A&tdid=&schain=1.0%2C1!insticator.com%2Ca21f07e9-5126-46ba-b531-0e6f3057443b%2C1%2C%2C%2C&eids=&pubcid=f13dc325-9290-4bde-9828-2a25a2de2948&host=sonichits.com&u=https%3A%2F%2Fsonichits.com&xr=0&ucfUid=7faff978-6cb6-4d2d-8407-ae29bed2ee3b&w=300&h=250
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:52 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 insticator Show response
insticator.technoratimedia.com/openrtb/bids/ 0
292 B 588ms
99ms XHR
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.43.4
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 458185449
access-control-allow-origin: https://sonichits.com
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
695 B 21ms
8ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:52 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ed494711-2196-4116-897c-36971fd81882
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sonichits.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
157 B 39ms
14ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1638242032296&src=pbjs
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ 2 KB
957 B 228ms
210ms XHR
application/json 2606:4700:10::6816:b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ac7e0aa010e06943652546b45fe608a5d1c2b2cbfbbe4d73dd2cc509476915

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sonichits.com
access-control-allow-credentials: true
cf-ray: 6b60e6ff5f797028-FRA

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
375 B 277ms
90ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H2 204 mvo Show response
tag.1rx.io/rmp/213651/0/ 0
169 B 48ms
12ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/213651/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sonichits.com
pragma: no-cache
date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/25987/1/sonichits.com/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/25987/1/sonichits.com/ROS?rnd=0.24682690552120357&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=4.43.4&nc...
https://ads.us.e-planning.net/hb/1/25987/1/sonichits.com/ROS?ct=1&r=pbjs&rnd=0.24682690552120357&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv...

663 B
1 KB

15ms
15ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25987/1/sonichits.com/ROS?ct=1&r=pbjs&rnd=0.24682690552120357&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsonichits.com%2F
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 05c36ea546e9f2ddfd4847039c9f7888ea5c9bd4b5e45c18bf1d2b07fc001142

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://sonichits.com
expires: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 663
x-sid: AMS-606

Redirect headers

date: Tue, 30 Nov 2021 03:13:52 GMT
server: openresty
access-control-allow-origin: https://sonichits.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/25987/1/sonichits.com/ROS?ct=1&r=pbjs&rnd=0.24682690552120357&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsonichits.com%2F
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-606

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
360 B 64ms
20ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://sonichits.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 3 KB
3 KB 96ms
73ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=579236&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22431533042ecc1e6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsonichits.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22a21f07e9-5126-46ba-b531-0e6f3057443b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224465936082eeac9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2245185890d1f1986%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224609e7aae858c8b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22477230d6c71fc84%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 81cf47a4c232ee8145fb61863534a62c34bc2cdd8063b25f37494f243e134c86

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:52 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.73], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://sonichits.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2908
x-ak-client-geo: 12
expires: Tue, 30 Nov 2021 03:13:52 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
17 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js?_=1638242031919

Requested by

Host: sonichits.com
URL: https://sonichits.com/js/?v=1636681992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
date: Tue, 30 Nov 2021 03:13:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17857
expires: Tue, 30 Nov 2021 05:13:52 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
676 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;700&display=swap

Requested by

Host: sonichits.com
URL: https://sonichits.com/js/?v=1636681992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bcee2446f8299d948a41b137b2c52f37bbed3f15db0cb5382551339d6eab432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 03:13:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 03:13:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 03:13:52 GMT

GET
H3 200 newsprite_retina3.png
sonichits.com/img/ 5 KB
5 KB 16ms
16ms Image
image/webp 2606:4700:20::681a:22c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonichits.com/img/newsprite_retina3.png
Requested by: Host: sonichits.com
URL: https://sonichits.com/css/?t=late&v=1628571030
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61997e67cda6605b2e0762371d54b823af2f519eb37eacd10e721204125e28be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/css/?t=late&v=1628571030
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 633020
cf-polished: origFmt=png, origSize=5897
content-disposition: inline; filename="newsprite_retina3.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4824
last-modified: Fri, 06 Dec 2019 01:25:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyh6dZT%2Fycr6dSTSixDCVq9D8WpK09Hgh6LAX%2BM2muvIwFW%2Fdo0s3%2FNtrFAGMkjOYohdFuEpfX1V%2BUVa6Yt86INzN%2B6LFk498Vd8ACPwrc1fYCb1ogWfoDZVBytnY8J10odiWRFtp4vFVLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 22 Dec 2021 19:23:32 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6b60e6fe6f0f7022-FRA
cf-bgj: imgq:85,h2pri

GET
DATA 200
OK truncated
/ 755 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cb200de113f12a3afed5d5c7ea85276b402f32ff19bd8732cce5a997192235b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6e164ec87dafa0b43317a99b4912b38c43712d255beb48d79c91ad9ce37ecab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 relatedVideos Show response
sonichits.com/api/ 24 KB
4 KB 373ms
372ms XHR
application/json 2606:4700:20::681a:22c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sonichits.com/api/relatedVideos?artist=Adele&track=Easy+On+ME&cb=102021
Requested by: Host: sonichits.com
URL: https://sonichits.com/js/?v=1636681992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4197c1c815b266f2adab05b5a73135cbe80b351c2ac36b2d1d15a59a04df4cd

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sonichits.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PURyMJZznDeMF5j5%2FhdcXlpfZ6Lka%2FctK%2FawUr135xoWJNXM89QSbDgSl3%2BfPqYPt%2FQw5%2Fgx1pf8AS%2BgPJ6mmz84Xfqr6pNx6DO5l6yTcfxdqiqxQ%2FR9BmfhOYXtyVzSEjpPFGhY67%2FVO7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sonichits.com/
cache-control: public, max-age=0
cf-ray: 6b60e6fe8f467022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 30 Nov 2021 03:13:52

OPTIONS
H2 200 token
eua.instiengage.com/v1/auth/ Frame 0
0 120ms
91ms Preflight 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eua.instiengage.com/v1/auth/token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://auth.instiengage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://auth.instiengage.com
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-credentials: true

POST
H2 200 token Show response
eua.instiengage.com/v1/auth/ Frame B6CC 864 B
1016 B 106ms
106ms Fetch
application/json 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eua.instiengage.com/v1/auth/token
Requested by: Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash: d725382c78e6138817da3d0b13803f85598da9440b3d11e308c255ed132660b8

Request headers

Referer: https://auth.instiengage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://auth.instiengage.com
date: Tue, 30 Nov 2021 03:13:52 GMT
access-control-allow-credentials: true
content-length: 864
vary: Origin
content-type: application/json

GET
H2 200 apricots.js Show response
srv.tunefindforfans.com/fruits/ Frame 0FA0 18 KB
6 KB 30ms
29ms Script
text/javascript 63.32.153.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.tunefindforfans.com/fruits/apricots.js
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.153.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-153-81.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 (Amazon) /
Resource Hash: 60f3c72f3d36e2f0f90c7b618e638ef052674305ff1c6c2cc0e313a16959f8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 19:12:26 GMT
server: Apache/2.4.51 (Amazon)
etag: "476f-5d1f238a84afd-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=60, public
accept-ranges: bytes
content-length: 6175
expires: Tue, 30 Nov 2021 03:14:52 GMT

GET
H2 200 apricots.js Show response
srv.tunefindforfans.com/fruits/ Frame DF03 18 KB
6 KB 29ms
29ms Script
text/javascript 63.32.153.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.tunefindforfans.com/fruits/apricots.js
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.153.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-153-81.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 (Amazon) /
Resource Hash: 60f3c72f3d36e2f0f90c7b618e638ef052674305ff1c6c2cc0e313a16959f8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 19:53:23 GMT
server: Apache/2.4.51 (Amazon)
etag: "476f-5d1f2cb171884-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=60, public
accept-ranges: bytes
content-length: 6175
expires: Tue, 30 Nov 2021 03:14:52 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Nov 2021 04:03:49 GMT

GET
H2 200 adunit.php Show response
srv.tunefindforfans.com/showads/ Frame 0FA0 4 KB
4 KB 42ms
42ms Script
text/javascript 63.32.153.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.tunefindforfans.com/showads/adunit.php?id=100004322&di=cf_async_204519644&subtag=&search=&artist=Adele&song=Easy%20On%20ME&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=490&abf=0&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=1&pe=&ph=&pf=&fh=&mo=undefined&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1638242032531
Requested by: Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.153.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-153-81.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 (Amazon) /
Resource Hash: 48de3ebff108330101c2db41e5d2d5c49d605c5454dccab53623f3114685d8f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: no-cache, must-revalidate
server: Apache/2.4.51 (Amazon)
content-type: text/javascript;charset=UTF-8
content-length: 3815
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=502414451&t=pageview&_s=1&dl=https%3A%2F%2Fsonichits.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=SonicHits%20%7C%20Lyrics%2C%20Song%20Meanings%2C%20Music%20Videos%2C%20Full%20Albums%20%26%20Artist%20Biographies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAAjEAAAAC~&jid=567350421&gjid=1612437432&cid=1589219999.1638242033&tid=UA-48241384-2&_gid=2060345363.1638242033&_r=1&_slc=1&z=754059348

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sonichits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adunit.php Show response
srv.tunefindforfans.com/showads/ Frame DF03 4 KB
4 KB 37ms
37ms Script
text/javascript 63.32.153.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.tunefindforfans.com/showads/adunit.php?id=100004323&di=cf_async_495919870&subtag=&search=&artist=Adele&song=Easy%20On%20ME&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=750&abf=0&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=1&pe=&ph=&pf=&fh=&mo=undefined&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1638242032546
Requested by: Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.153.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-153-81.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 (Amazon) /
Resource Hash: 9e4674b8ea534a2c87432ce9db750fba5fb45c7d6aab55c9a898caa481773d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: no-cache, must-revalidate
server: Apache/2.4.51 (Amazon)
content-type: text/javascript;charset=UTF-8
content-length: 3815
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 43ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-48241384-2&cid=1589219999.1638242033&jid=567350421&gjid=1612437432&_gid=2060345363.1638242033&_u=aGBAAAAiEAAAAC~&z=187354262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 03:13:52 GMT
content-type: text/plain
access-control-allow-origin: https://sonichits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 95 Show response
a.ad.gt/api/v1/u/matches/ Frame 0FA0 3 KB
4 KB 323ms
219ms Script
application/javascript 35.163.3.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/95?url=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fa%3DAdele%26t%3DEasy%2520On%2520ME&ref=https%3A%2F%2Fsonichits.com%2F
Requested by: Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.3.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-3-37.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: f29499b37bd656a3741d7c3080c648e619fb80309a87fa29b80025b84953b88a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
server: nginx/1.18.0
content-length: 3453
content-type: application/javascript

GET
H2 200 imp.php
srv.tunefindforfans.com/showads/track/ Frame 0FA0 42 B
192 B 32ms
32ms Image
image/gif 63.32.153.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.tunefindforfans.com/showads/track/imp.php?cid=99928959&aid=100004322&artist=Adele&song=Easy+On+ME&search=&b=Chrome_96&cs=1&uri=https%3A%2F%2Fsonichits.com%2F&t=1638242032&subtag=&ldmo=&adid=12911781&creative_id=500137385&caph=0&capv=0&atv=old
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.153.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-153-81.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 (Amazon) /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: no-cache, must-revalidate
server: Apache/2.4.51 (Amazon)
content-type: image/gif
content-length: 42
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 95 Show response
a.ad.gt/api/v1/u/matches/ Frame DF03 3 KB
4 KB 499ms
405ms Script
application/javascript 35.163.3.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/95?url=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fs%3D1%26a%3DAdele%26t%3DEasy%2520On%2520ME&ref=https%3A%2F%2Fsonichits.com%2F
Requested by: Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.3.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-3-37.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8b2b2b587b306b64945a85237509590180a4c2d86f99edaab84e945a1e97b9e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
server: nginx/1.18.0
content-length: 3248
content-type: application/javascript

GET
H2 200 imp.php
srv.tunefindforfans.com/showads/track/ Frame DF03 42 B
192 B 36ms
36ms Image
image/gif 63.32.153.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.tunefindforfans.com/showads/track/imp.php?cid=99928959&aid=100004323&artist=Adele&song=Easy+On+ME&search=&b=Chrome_96&cs=1&uri=https%3A%2F%2Fsonichits.com%2F&t=1638242032&subtag=&ldmo=&adid=12911781&creative_id=500137385&caph=0&capv=0&atv=old
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.153.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-153-81.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 (Amazon) /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: no-cache, must-revalidate
server: Apache/2.4.51 (Amazon)
content-type: image/gif
content-length: 42
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 42ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-48241384-2&cid=1589219999.1638242033&jid=567350421&_u=aGBAAAAiEAAAAC~&z=87848156

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
19ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-48241384-2&cid=1589219999.1638242033&jid=567350421&_u=aGBAAAAiEAAAAC~&z=87848156

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/eH3giaIzONA/ 20 KB
20 KB 32ms
7ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/eH3giaIzONA/hqdefault.jpg

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de988af2bddad9188286b6d8374252dbbe3446cfd04e6bca89d563b15542d664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:49:21 GMT
x-content-type-options: nosniff
age: 5071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20215
x-xss-protection: 0
server: sffe
etag: "1584111485"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 03:49:21 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/TdrL3QxjyVw/ 28 KB
28 KB 36ms
11ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/TdrL3QxjyVw/hqdefault.jpg

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b81b8a9646be6c5dd05adb3c6fb6f75c1fa9369a66202fb189b6a0c0f9bf356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 02:46:49 GMT
x-content-type-options: nosniff
age: 1623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28885
x-xss-protection: 0
server: sffe
etag: "1542395506"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 04:46:49 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/Bag1gUxuU0g/ 25 KB
25 KB 45ms
20ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Bag1gUxuU0g/hqdefault.jpg

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1077e79d6595c15abb3241aa0c93f346c1b321f3455de7afcac490913b4406b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:07:07 GMT
x-content-type-options: nosniff
age: 405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25902
x-xss-protection: 0
server: sffe
etag: "1542392412"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 05:07:07 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/nCkpzqqog4k/ 20 KB
20 KB 40ms
16ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/nCkpzqqog4k/hqdefault.jpg

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82379f774476c74359d1dd4add33b0d1d888b8853394336fe48e6aebe3fd1064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 02:08:02 GMT
x-content-type-options: nosniff
age: 3950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20064
x-xss-protection: 0
server: sffe
etag: "1581598604"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 04:08:02 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/0HDdjwpPM3Y/ 22 KB
22 KB 42ms
18ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/0HDdjwpPM3Y/hqdefault.jpg

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea549abeae459b1a882a230cd01621a2bc28315ef26048e6675342f15c334a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 02:43:05 GMT
x-content-type-options: nosniff
age: 1847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22576
x-xss-protection: 0
server: sffe
etag: "1586295769"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 04:43:05 GMT

GET
H2

200

9f4836d41c1f610e6a95f1038d586224.jpg
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain

https://sonichits.com/artist_image/VGF5bG9yIFN3aWZ0/MGNlZTZkN2U5YjZmYjIwNzc2NTZhYzM0NDVmMzQ1YjE=/extralarge
https://lastfm.freetls.fastly.net/i/u/300x300/9f4836d41c1f610e6a95f1038d586224.jpg

20 KB
21 KB

7ms
7ms

Image
image/webp

2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lastfm.freetls.fastly.net/i/u/300x300/9f4836d41c1f610e6a95f1038d586224.jpg
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 2a04:4e42::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty/1.7.7.2 /
Resource Hash: 02b36c5b0645cc8e1abb02521910f596107e8f7141fb8658a89abf9993d927ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
via: 1.1 varnish
age: 489372
x-cache: HIT
content-length: 20866
x-served-by: cache-fra19151-FRA
server: openresty/1.7.7.2
x-timer: S1638242033.163245,VS0,VE1
etag: "7055d97a48ebc2e2555a87abcbdcc5cdec3b0f54"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=311040000; public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

Redirect headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDqLMGA1%2BEyXW16j0hC8nQlib5OQzVpmuiTcQJ5FSaNEiPSDmy0JmX9GPOdS0P908yfxB5zvQkQR0TbTFfe85j8gBbJ%2BnY9BQJaOy7Gjg%2F%2B4ao4ISdqyOuMGP3j2CLZ8Otv9hzxAeLwrtDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://lastfm.freetls.fastly.net/i/u/300x300/9f4836d41c1f610e6a95f1038d586224.jpg
cache-control: public, max-age=1209600
cf-ray: 6b60e7011a0c7022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 03:13:53 GMT

GET
H2

200

4bfadda18a4e26e7558c6330ec13d12a.webp
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain

https://sonichits.com/artist_image/QnJ1bm8gTWFycw==/MGM3Nzk5MTllMzYwODM1MTU0ZTIyNmMxZDBmNGMzZWE=/extralarge
https://lastfm.freetls.fastly.net/i/u/300x300/4bfadda18a4e26e7558c6330ec13d12a.webp

28 KB
29 KB

9ms
9ms

Image
image/webp

2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lastfm.freetls.fastly.net/i/u/300x300/4bfadda18a4e26e7558c6330ec13d12a.webp
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 2a04:4e42::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty/1.7.7.2 /
Resource Hash: b9f51acc07662a6b78c899aaa986a4bb9db4ed149ea65ec3802b38b4992fb4f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
via: 1.1 varnish
age: 1022974
x-cache: HIT
content-length: 29092
x-served-by: cache-fra19151-FRA
server: openresty/1.7.7.2
x-timer: S1638242033.167915,VS0,VE1
etag: "eb358516db67bee18faf818e70730c7692f2f0d3"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=311040000; public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

Redirect headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbhGDryZzqokt1vEvuMn0X7as0O7VzDKe8jxbJYixsXDpbPizxGEwVHNk3HBPEvJFTx6yLD%2FlMbmWPrTtwVbJuBJJ1BXZ6V4cKu8v1ZXLKD71tnxtTw3KuQG%2BU3VzHR%2Ba3QGSIzHgqYirSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://lastfm.freetls.fastly.net/i/u/300x300/4bfadda18a4e26e7558c6330ec13d12a.webp
cache-control: public, max-age=1209600
cf-ray: 6b60e7011a0d7022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 03:13:53 GMT

GET
H2

200

80e9af6984f5dab787c87ddd5c11a867.webp
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain

https://sonichits.com/artist_image/TGlsIE5hcyBY/M2YyZTA5ZmJiZTM1NWU1OGEzODllNTk1NDk0ZWM4ZWQ=/extralarge
https://lastfm.freetls.fastly.net/i/u/300x300/80e9af6984f5dab787c87ddd5c11a867.webp

13 KB
13 KB

7ms
6ms

Image
image/webp

2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lastfm.freetls.fastly.net/i/u/300x300/80e9af6984f5dab787c87ddd5c11a867.webp
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 2a04:4e42::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty/1.7.7.2 /
Resource Hash: 6368c4a6ef148cfc18db7ef367ade65fa0c99d044f727b9c7018522e487da8cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
via: 1.1 varnish
age: 1034970
x-cache: HIT
content-length: 13016
x-served-by: cache-fra19151-FRA
server: openresty/1.7.7.2
x-timer: S1638242033.168009,VS0,VE1
etag: "4cb00c621a0bad5fa6cb014d667c6a9a7ba45385"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=311040000; public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

Redirect headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2F%2Fafh66VboomF4mjSlVhthRQ%2Fwv%2FK3J5zjLTmg%2BinTsEno%2F35yb9lyjZkJPo1BbbAaVhf9%2Fl%2FU%2B1WWF7NIDCw8lSXaIykvbsnKBX64UgiOg2koRZm%2BDplA5Bqv49flX9qGKnaE7cKCdr1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://lastfm.freetls.fastly.net/i/u/300x300/80e9af6984f5dab787c87ddd5c11a867.webp
cache-control: public, max-age=1209600
cf-ray: 6b60e7011a0e7022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 03:13:53 GMT

GET
H2

200

6a520a662b0d30646781d03ade00625a.webp
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain

https://sonichits.com/artist_image/RG9qYSBDYXQ=/ZGIzMzZlZjNhYTg0NmJkZTYyZDdkNTkwZjM1NmQ2YTA=/extralarge
https://lastfm.freetls.fastly.net/i/u/300x300/6a520a662b0d30646781d03ade00625a.webp

17 KB
17 KB

7ms
7ms

Image
image/webp

2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lastfm.freetls.fastly.net/i/u/300x300/6a520a662b0d30646781d03ade00625a.webp
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 2a04:4e42::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty/1.7.7.2 /
Resource Hash: 208d803b1e84d2b1017f3740070270801590cebe44a04e381812203fc9379bd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
via: 1.1 varnish
age: 1049023
x-cache: HIT
content-length: 17420
x-served-by: cache-fra19151-FRA
server: openresty/1.7.7.2
x-timer: S1638242033.179862,VS0,VE1
etag: "94b6e4740f81ec76f544324ec095e4d180220bc7"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=311040000; public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

Redirect headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JajMfP530Jg1mW%2FOlZmMQjFWrEXofcUecOaRZkJYN%2B6zWS9p1Vjn%2FGtRMaz%2F3S4qY%2BxCNZAjLS3SSyAf0ocLvaA2LJH%2BdBzQGUmqDN0%2FEcqK1ePwlQ%2BrWp6sVuINBUU3NeAMzqhMxHjXItA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://lastfm.freetls.fastly.net/i/u/300x300/6a520a662b0d30646781d03ade00625a.webp
cache-control: public, max-age=1209600
cf-ray: 6b60e7011a107022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 03:13:53 GMT

GET
H2

200

9da8add22ca31771a440d2a6f7615f6d.webp
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain

https://sonichits.com/artist_image/T2xpdmlhIFJvZHJpZ28=/NjlhODE3NTljOWRmM2Y2MjMxMzk2MTE5YzU5YTA2MDI=/extralarge
https://lastfm.freetls.fastly.net/i/u/300x300/9da8add22ca31771a440d2a6f7615f6d.webp

8 KB
8 KB

11ms
11ms

Image
image/webp

2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lastfm.freetls.fastly.net/i/u/300x300/9da8add22ca31771a440d2a6f7615f6d.webp
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 2a04:4e42::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty/1.7.7.2 /
Resource Hash: 12afc46f8daf6e5a2e9d35d7f3eeda24c3be5d176f09f65da59deacd0722c823

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
via: 1.1 varnish
age: 150940
x-cache: HIT
content-length: 8570
x-served-by: cache-fra19151-FRA
server: openresty/1.7.7.2
x-timer: S1638242033.171297,VS0,VE0
etag: "3b0cc73090bdef998ac2190d560951e0f567f28f"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=311040000; public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

Redirect headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbQRC4q8xIALkNSkCEO2Q8QHDVBVS5Avl5nOvv5Z4xdNQJLUkuhWqP5C2hnxRsV1kLCCyU39PL%2Bm1GKg7YoqJzodTxYmkTCI2q4cNHlRSzULcxOStmc2Jad6XknEdHEzGlnW02mSDmuzOac%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://lastfm.freetls.fastly.net/i/u/300x300/9da8add22ca31771a440d2a6f7615f6d.webp
cache-control: public, max-age=1209600
cf-ray: 6b60e7011a117022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 03:13:53 GMT

GET
H2

200

36368d6fb0f926b10057d4b4778daf32.webp
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain

https://sonichits.com/artist_image/VGhlIEtpZCBMQVJPSQ==/NTJmMDZmMzc3MmE1Y2MzNjBjMGNhYzFjNjMyOTY0MmU=/extralarge
https://lastfm.freetls.fastly.net/i/u/300x300/36368d6fb0f926b10057d4b4778daf32.webp

24 KB
24 KB

13ms
13ms

Image
image/webp

2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lastfm.freetls.fastly.net/i/u/300x300/36368d6fb0f926b10057d4b4778daf32.webp
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 2a04:4e42::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty/1.7.7.2 /
Resource Hash: 140b1d513cf65bf1bc754001151fb1e438440a52020d5b65044454c101524a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
via: 1.1 varnish
age: 1022974
x-cache: HIT
content-length: 24064
x-served-by: cache-fra19151-FRA
server: openresty/1.7.7.2
x-timer: S1638242033.168261,VS0,VE1
etag: "43d79f57dec37eb92f579da86e0ecd176e53c601"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=311040000; public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

Redirect headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqAbyudypz4FDYSPTLHE2vfnRHxG0AcAA8f6ymvYpnYRRx4H5YrJ98XfruwhYcE4iAe74XD3LoAdoY%2By2sH6GChVdF6vE3e8wR4BQtH%2BRNo40LYVZljmH69%2FcDrgz3Eb381Gzzy29TR6Jl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://lastfm.freetls.fastly.net/i/u/300x300/36368d6fb0f926b10057d4b4778daf32.webp
cache-control: public, max-age=1209600
cf-ray: 6b60e7012a127022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 03:13:53 GMT

GET
H2

200

ee8173de0f04cbbb282fc62a5583fda9.webp
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain

https://sonichits.com/artist_image/QmlsbGllIEVpbGlzaA==/NTg0MDI0M2UxMjdmODFlNjM2NTZjNjUzZGNhZDdhODE=/extralarge
https://lastfm.freetls.fastly.net/i/u/300x300/ee8173de0f04cbbb282fc62a5583fda9.webp

5 KB
6 KB

7ms
6ms

Image
image/webp

2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lastfm.freetls.fastly.net/i/u/300x300/ee8173de0f04cbbb282fc62a5583fda9.webp
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 2a04:4e42::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty/1.7.7.2 /
Resource Hash: eedd1755fc8724c8281a7d1b1eae8a4e5e7a67980b2f0f5be1d28c793b07a526

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
via: 1.1 varnish
age: 1652593
x-cache: HIT
content-length: 5596
x-served-by: cache-fra19151-FRA
server: openresty/1.7.7.2
x-timer: S1638242033.969258,VS0,VE0
etag: "a349ce03f155e707dc9f314bb28f665913e1b4fe"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=311040000; public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

Redirect headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArWXGdJttbr%2B53brSwCJbbBH1PZJXLDCIFHqnql19O%2BywCIr2qb%2BQ%2BPdy1kB564J29V0PMJviULpR5FxhorHzNeUqHJrKB%2FoocGyEcu3pb6CrW%2FHzXMmJ%2BtkibgtVm7obP9rPcBs%2FdYGWks%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://lastfm.freetls.fastly.net/i/u/300x300/ee8173de0f04cbbb282fc62a5583fda9.webp
cache-control: public, max-age=1209600
cf-ray: 6b60e7012a147022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 03:13:52 GMT

GET
H2

200

dfd01019404313399f77999285f78aa9.webp
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain

https://sonichits.com/artist_image/VGhlIFdlZWtuZA==/MzUyYmVhNWM3N2QwOTcyNmM3NGQwNzNlMDM2YTdhYTg=/extralarge
https://lastfm.freetls.fastly.net/i/u/300x300/dfd01019404313399f77999285f78aa9.webp

16 KB
16 KB

8ms
8ms

Image
image/webp

2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lastfm.freetls.fastly.net/i/u/300x300/dfd01019404313399f77999285f78aa9.webp
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 2a04:4e42::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty/1.7.7.2 /
Resource Hash: 2db94632401f3d331de21fbdb6a8db8f2fb2daac228feb56ea14f613c4a83024

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
via: 1.1 varnish
age: 196865
x-cache: HIT
content-length: 16302
x-served-by: cache-fra19151-FRA
server: openresty/1.7.7.2
x-timer: S1638242033.188934,VS0,VE1
etag: "5e80cf471aa2d34d000fed93955ea72b8718704e"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=311040000; public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

Redirect headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLn7FX6zvONZ%2FRgccFQ2UgsFyLBPduwhuiVEc2haRTtUeoJxha1CLq1rFWAknpvoby57pMO9%2F3BonnKcXuJKoOB0ajArZcq7RwZQ6XnnFMVfdTVAP7CUaSmmk3C0Sr%2F%2BKwHrBPRpvYDdGzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://lastfm.freetls.fastly.net/i/u/300x300/dfd01019404313399f77999285f78aa9.webp
cache-control: public, max-age=1209600
cf-ray: 6b60e7012a157022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 03:13:53 GMT

GET
H2 200 6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js Show response
product.instiengage.com/ceu-code/ Frame A2E7 358 KB
85 KB 8ms
8ms Script
application/javascript 2600:9000:223d:4400:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:4400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9ee47d803b19ecae7d55faa0a2043f5144f739b353b231a0250d093811d1127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: aK_YqG0chUUYoGoSyoACSA2tHHsyJo7a
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 23:14:04 GMT
server: AmazonS3
age: 2704
etag: W/"a5ba6167101fc6baca7526e9db733a19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
date: Tue, 30 Nov 2021 02:37:09 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 5s1lyUpvG3zIoTmnQ5h6tamNvlJoZO3OX_0tJ0luQxdBM4CosC-IuA==

OPTIONS
H2 200 event
event.instiengage.com/v1/ Frame 0
0 154ms
92ms Preflight 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.instiengage.com/v1/event?event_name=event_embed-loaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://sonichits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://sonichits.com
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-credentials: true

OPTIONS
H2 200 event
event.instiengage.com/v1/ Frame 0
0 152ms
91ms Preflight 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.instiengage.com/v1/event?event_name=event_embed-in-view
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://sonichits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://sonichits.com
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-credentials: true

GET
H3 200 css
fonts.googleapis.com/ Frame A2E7 4 KB
508 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

468bd6764eff264452e2cd22f06d3ccb569941caceff828cd1bc0374a4774eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 01:59:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 03:13:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 03:13:52 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame A2E7 50 KB
12 KB 36ms
18ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12639988
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: H4F50H89ZD6Z1ZKK
x-amz-id-2: GWfeT/PHLkHEdVjLRISUlBGTgwZCGautQeXGx3zkh+hlUIZ14JgwBT68pYjBBJEvt3jYNQK5to0=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heNeiSCG06eW3hs8jpRU%2B1DUJiIyzBSECYj4UWZA5O4cKDBnmz3EDY8s20DoebOKpv%2BIHwQfiuWXmHEb6LhtVZKQuxjoVXsF%2BTljfv1ztlTc9n07ldmvufr%2BojkQKkHPJ%2F3oT2jlPs4m0KJJTPMdx%2BZs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6b60e701e8f51766-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=502414451&t=pageview&_s=1&dl=https%3A%2F%2Fsonichits.com%2F&dp=%2Ffbda09f1-2c7e-4d13-b979-9446a67e7d25&ul=en-us&de=UTF-8&dt=SonicHits%20%7C%20Lyrics%2C%20Song%20Meanings%2C%20Music%20Videos%2C%20Full%20Albums%20%26%20Artist%20Biographies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAjEAAAAC~&jid=1213278054&gjid=130974577&cid=1589219999.1638242033&tid=UA-123718506-11&_gid=2060345363.1638242033&_r=1&_slc=1&z=969488331

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sonichits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geoip.instiengage.com/json/ Frame A2E7 241 B
424 B 91ms
91ms XHR
application/json 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.instiengage.com/json/
Requested by: Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash: a1e761d1dcc9473463928503048ffe6e0a6470aea6ede5f70ae24652f4aae460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:52 GMT
access-control-allow-credentials: true
x-database-date: Mon, 29 Nov 2021 16:46:58 GMT
content-length: 241
vary: Origin
content-type: application/json

POST
H2 201 event Show response
event.instiengage.com/v1/ Frame A2E7 0
118 B 94ms
94ms XHR
text/plain 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.instiengage.com/v1/event?event_name=event_embed-loaded
Requested by: Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:53 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin

POST
H2 201 event Show response
event.instiengage.com/v1/ Frame A2E7 0
118 B 94ms
93ms XHR
text/plain 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.instiengage.com/v1/event?event_name=event_embed-in-view
Requested by: Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:53 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin

GET
H2 200 logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame A2E7 2 KB
2 KB 247ms
11ms Image
image/png 2600:9000:2156:e800:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 18:59:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "b5cc01468ea9b242e6354798d28874df"
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 30 Nov 2021 03:13:53 GMT
accept-ranges: bytes
content-length: 2129
x-amz-cf-id: OWgXNWRaE2MqS1idS_fXvr-Fns-OnKT3Xi0tEE6OOCRjbeGK_7UGXw==

GET
H2 200 icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame A2E7 649 B
1008 B 255ms
19ms Image
image/png 2600:9000:2156:e800:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 18:59:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "b673377b664a0b33454c267d911fcfc1"
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 30 Nov 2021 03:13:53 GMT
accept-ranges: bytes
content-length: 649
x-amz-cf-id: jmDrfzdYxJwyYrRReaNrww-T-6pXqmPK-ptrBYwPyZMQDnf42bmUTA==

GET
H2 200 graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame A2E7 5 KB
5 KB 254ms
18ms Image
image/png 2600:9000:2156:e800:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 18:59:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "3b5c1361f893cc23b07c2f3cc48cee32"
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 30 Nov 2021 03:13:53 GMT
accept-ranges: bytes
content-length: 4833
x-amz-cf-id: gwVNU_KguLUdVEJ7yaGSNPip_B0AMbRwYq_hC2Li72lNMOlCjkaN9w==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 29ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123718506-11&cid=1589219999.1638242033&jid=1213278054&gjid=130974577&_gid=2060345363.1638242033&_u=aGDAAEAjEAAAAC~&z=142659726

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 03:13:52 GMT
content-type: text/plain
access-control-allow-origin: https://sonichits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ Frame 0FA0 6 KB
3 KB 643ms
213ms Script
application/javascript 44.239.35.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/95?url=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fa%3DAdele%26t%3DEasy%2520On%2520ME&ref=https%3A%2F%2Fsonichits.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.35.110 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-35-110.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 04:17:08 GMT
server: nginx/1.18.0
etag: W/"1637900228.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Tue, 30 Nov 2021 15:13:53 GMT

GET
H2 200 95 Show response
p.ad.gt/api/v1/p/ Frame 0FA0 27 KB
8 KB 602ms
202ms Script
application/javascript 52.38.226.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/95
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/95?url=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fa%3DAdele%26t%3DEasy%2520On%2520ME&ref=https%3A%2F%2Fsonichits.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.38.226.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-226-208.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 64ba65f704a2a492c114b712c58c6e604c6867f906d53a4d16a309bc92eede4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 04:16:54 GMT
server: nginx/1.18.0
etag: W/"1637900214.0-27263-2546534974"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Tue, 30 Nov 2021 15:13:53 GMT

GET
H2

200

match
ids.ad.gt/api/v1/ Frame 0FA0
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&adnxs_id=1499637864729228157

43 B
566 B

762ms
386ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&adnxs_id=1499637864729228157
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:53 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 11b20747-4959-498c-8068-0898575a4b74
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&adnxs_id=1499637864729228157
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/ Frame 0FA0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=f33a3d04-0a20-4aaa-9f92-ee2f823492b3
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=f33a3d04-0a20-4aaa-9f92-ee2f823492b3
https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3

43 B
570 B

655ms
384ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/ Frame 0FA0
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3
https://ids.ad.gt/api/v1/pbm_match?pbm=86664EF0-791C-47DE-8D3D-8FA1018D7E9D&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3

43 B
574 B

724ms
391ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=86664EF0-791C-47DE-8D3D-8FA1018D7E9D&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=86664EF0-791C-47DE-8D3D-8FA1018D7E9D&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3
date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/ Frame 0FA0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&google_tc=
https://ids.ad.gt/api/v1/g_match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&google_gid=CAESENA_Pz7B9WA92hNQtW0iSh4&google_cver=1&google_ula=450542624,0

43 B
572 B

720ms
386ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&google_gid=CAESENA_Pz7B9WA92hNQtW0iSh4&google_cver=1&google_ula=450542624,0
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&google_gid=CAESENA_Pz7B9WA92hNQtW0iSh4&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0FA0
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZjMzYTNkMDQtMGEyMC00YWFhLTlmOTItZWUyZjgyMzQ5MmIz

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZjMzYTNkMDQtMGEyMC00YWFhLTlmOTItZWUyZjgyMzQ5MmIz

Requested by

Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZjMzYTNkMDQtMGEyMC00YWFhLTlmOTItZWUyZjgyMzQ5MmIz
date: Tue, 30 Nov 2021 03:13:53 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2 200 redirect
pp.d2-apps.net/v1/ Frame 0FA0 43 B
396 B 750ms
247ms Image
image/gif 54.178.50.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pp.d2-apps.net/v1/redirect?p_id=bandsintown&p_uid=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fdnts_match%3Fid%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3%26dnts_uid%3D%24%7BD_UID%7D
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.50.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-50-49.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
last-modified: Tue, 30 Nov 2021 03:13:53 GMT
p3p: CP="CAO CUR ADM DEV PSA PSD OUR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
cross-origin-resource-policy: cross-origin
content-type: image/gif; charset=utf8
content-length: 43
expires: -1

GET
H2

200

adb_match
ids.ad.gt/api/v1/ Frame 0FA0
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3Df33a3d04-0a20-4aaa-9f92-ee2f8...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3Df33a3d0...
https://ids.ad.gt/api/v1/adb_match?adb=27369775413816376110146659282807109481&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3

43 B
479 B

634ms
390ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=27369775413816376110146659282807109481&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v020-0945a571e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Z21Y6RpPQvA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ids.ad.gt/api/v1/adb_match?adb=27369775413816376110146659282807109481&id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 cm
trc.taboola.com/sg/audigent/1/ Frame 0FA0 43 B
238 B 30ms
14ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638242033.996335,VS0,VE8
x-served-by: cache-fra19169-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 638ms
211ms Script
application/javascript 44.239.35.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/95?url=https%3A%2F%2Fsonichits.com%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.35.110 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-35-110.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 04:17:08 GMT
server: nginx/1.18.0
etag: W/"1637900228.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Tue, 30 Nov 2021 15:13:53 GMT

GET
H2 200 95 Show response
p.ad.gt/api/v1/p/ 27 KB
8 KB 792ms
394ms Script
application/javascript 52.38.226.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/95
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/95?url=https%3A%2F%2Fsonichits.com%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.38.226.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-226-208.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 64ba65f704a2a492c114b712c58c6e604c6867f906d53a4d16a309bc92eede4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 04:16:54 GMT
server: nginx/1.18.0
etag: W/"1637900214.0-27263-2546534974"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Tue, 30 Nov 2021 15:13:53 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=08122270-f26d-4235-bc7a-3e94fe779092&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=08122270-f26d-4235-bc7a-3e94fe779092&adnxs_id=1499637864729228157

43 B
566 B

764ms
390ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=08122270-f26d-4235-bc7a-3e94fe779092&adnxs_id=1499637864729228157
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:53 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 14c7b45d-a377-4c11-b261-b0ed0980670a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=08122270-f26d-4235-bc7a-3e94fe779092&adnxs_id=1499637864729228157
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=08122270-f26d-4235-bc7a-3e94fe779092
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=08122270-f26d-4235-bc7a-3e94fe779092
https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=08122270-f26d-4235-bc7a-3e94fe779092

43 B
570 B

654ms
383ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=08122270-f26d-4235-bc7a-3e94fe779092
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=08122270-f26d-4235-bc7a-3e94fe779092
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D08122270-f26d-4235-bc7a-3e94fe779092
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D08122270-f26d-4235-bc7a-3e94fe779092
https://ids.ad.gt/api/v1/pbm_match?pbm=204A8A74-7C40-464A-837C-6826C42325CA&id=08122270-f26d-4235-bc7a-3e94fe779092

43 B
573 B

723ms
389ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=204A8A74-7C40-464A-837C-6826C42325CA&id=08122270-f26d-4235-bc7a-3e94fe779092
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=204A8A74-7C40-464A-837C-6826C42325CA&id=08122270-f26d-4235-bc7a-3e94fe779092
date: Tue, 30 Nov 2021 03:13:52 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=08122270-f26d-4235-bc7a-3e94fe779092
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=08122270-f26d-4235-bc7a-3e94fe779092&google_tc=
https://ids.ad.gt/api/v1/g_match?id=08122270-f26d-4235-bc7a-3e94fe779092&google_gid=CAESEA4ekCrR1AmDLLhLw0RrMJE&google_cver=1&google_ula=450542624,0

43 B
573 B

724ms
389ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=08122270-f26d-4235-bc7a-3e94fe779092&google_gid=CAESEA4ekCrR1AmDLLhLw0RrMJE&google_cver=1&google_ula=450542624,0
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=08122270-f26d-4235-bc7a-3e94fe779092&google_gid=CAESEA4ekCrR1AmDLLhLw0RrMJE&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=08122270-f26d-4235-bc7a-3e94fe779092
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDgxMjIyNzAtZjI2ZC00MjM1LWJjN2EtM2U5NGZlNzc5MDky

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDgxMjIyNzAtZjI2ZC00MjM1LWJjN2EtM2U5NGZlNzc5MDky

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDgxMjIyNzAtZjI2ZC00MjM1LWJjN2EtM2U5NGZlNzc5MDky
date: Tue, 30 Nov 2021 03:13:53 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2 200 redirect
pp.d2-apps.net/v1/ 43 B
396 B 532ms
248ms Image
image/gif 54.178.50.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pp.d2-apps.net/v1/redirect?p_id=bandsintown&p_uid=08122270-f26d-4235-bc7a-3e94fe779092&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fdnts_match%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26dnts_uid%3D%24%7BD_UID%7D
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.50.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-50-49.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
last-modified: Tue, 30 Nov 2021 03:13:53 GMT
p3p: CP="CAO CUR ADM DEV PSA PSD OUR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
cross-origin-resource-policy: cross-origin
content-type: image/gif; charset=utf8
content-length: 43
expires: -1

GET
H2

200

impr_match
ids.ad.gt/api/v1/
Redirect Chain

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26impr_uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26impr_uid%3D%7BPUB_USER_ID%7D
https://ids.ad.gt/api/v1/impr_match?id=08122270-f26d-4235-bc7a-3e94fe779092&impr_uid=2c557bcc-25d1-47e0-a83b-570bb85f9327

43 B
484 B

418ms
385ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/impr_match?id=08122270-f26d-4235-bc7a-3e94fe779092&impr_uid=2c557bcc-25d1-47e0-a83b-570bb85f9327
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/impr_match?id=08122270-f26d-4235-bc7a-3e94fe779092&impr_uid=2c557bcc-25d1-47e0-a83b-570bb85f9327
date: Tue, 30 Nov 2021 03:13:53 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

unruly
ids.ad.gt/api/v1/
Redirect Chain

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26unruly_id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/audigent/0?zcc=1&dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26unruly_id%3D%5BRX_UUID%5D&cb=1638242033246
https://sync.targeting.unrulymedia.com/csync/RX-04db035f-b74a-453f-8db7-81177f6b382e-003?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D08122270-f26d-4235-bc7a-3e94fe779092%26unruly_id%3D...
https://ids.ad.gt/api/v1/unruly?id=08122270-f26d-4235-bc7a-3e94fe779092&unruly_id=RX-04db035f-b74a-453f-8db7-81177f6b382e-003

43 B
491 B

428ms
383ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/unruly?id=08122270-f26d-4235-bc7a-3e94fe779092&unruly_id=RX-04db035f-b74a-453f-8db7-81177f6b382e-003
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/unruly?id=08122270-f26d-4235-bc7a-3e94fe779092&unruly_id=RX-04db035f-b74a-453f-8db7-81177f6b382e-003
date: Tue, 30 Nov 2021 03:13:53 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX04db035fb74a453f8db781177f6b382e003
content-type: text/html

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 34ms
17ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=1589219999.1638242033&jid=1213278054&_u=aGDAAEAjEAAAAC~&z=1760415438

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 35ms
18ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=1589219999.1638242033&jid=1213278054&_u=aGDAAEAjEAAAAC~&z=1760415438

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usertracking Show response
b2c.instiengage.com/v3/pages/ Frame CCE9 8 KB
3 KB 339ms
104ms Document
text/html 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://b2c.instiengage.com/v3/pages/usertracking
Requested by: Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash: 984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-type: text/html; charset=UTF-8
content-length: 2821
etag: b3332353-897f-4ef7-b4f2-67aaf19c4c83
vary: Accept-Encoding,Origin
pragma: max-age=3600
cache-control: max-age=3600
content-encoding: gzip

GET
H2 200 haloid Show response
aufp.io/api/v1/ Frame DF03 6 KB
3 KB 533ms
213ms Script
application/javascript 44.239.35.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/95?url=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fs%3D1%26a%3DAdele%26t%3DEasy%2520On%2520ME&ref=https%3A%2F%2Fsonichits.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.35.110 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-35-110.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 04:17:08 GMT
server: nginx/1.18.0
etag: W/"1637900228.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Tue, 30 Nov 2021 15:13:53 GMT

GET
H2 200 95 Show response
p.ad.gt/api/v1/p/ Frame DF03 27 KB
8 KB 685ms
395ms Script
application/javascript 52.38.226.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/95
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/95?url=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fs%3D1%26a%3DAdele%26t%3DEasy%2520On%2520ME&ref=https%3A%2F%2Fsonichits.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.38.226.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-226-208.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 64ba65f704a2a492c114b712c58c6e604c6867f906d53a4d16a309bc92eede4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 04:16:54 GMT
server: nginx/1.18.0
etag: W/"1637900214.0-27263-2546534974"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Tue, 30 Nov 2021 15:13:53 GMT

GET
H2

200

match
ids.ad.gt/api/v1/ Frame DF03
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&adnxs_id=$UID
https://ids.ad.gt/api/v1/match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&adnxs_id=1499637864729228157

43 B
566 B

677ms
388ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&adnxs_id=1499637864729228157
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:53 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: efefbd8d-3fcb-4eb3-a431-da26129354f6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&adnxs_id=1499637864729228157
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/ Frame DF03
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1

43 B
570 B

648ms
385ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/ Frame DF03
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D60cc6507-658f-4b04-9ef8-8fa17d9aacf1
https://ids.ad.gt/api/v1/pbm_match?pbm=204A8A74-7C40-464A-837C-6826C42325CA&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1

43 B
573 B

666ms
389ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=204A8A74-7C40-464A-837C-6826C42325CA&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=204A8A74-7C40-464A-837C-6826C42325CA&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/ Frame DF03
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
https://ids.ad.gt/api/v1/g_match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&google_gid=CAESEA4ekCrR1AmDLLhLw0RrMJE&google_cver=1&google_ula=450542624,0

43 B
572 B

662ms
384ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&google_gid=CAESEA4ekCrR1AmDLLhLw0RrMJE&google_cver=1&google_ula=450542624,0
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&google_gid=CAESEA4ekCrR1AmDLLhLw0RrMJE&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF03
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NjBjYzY1MDctNjU4Zi00YjA0LTllZjgtOGZhMTdkOWFhY2Yx

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NjBjYzY1MDctNjU4Zi00YjA0LTllZjgtOGZhMTdkOWFhY2Yx

Requested by

Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NjBjYzY1MDctNjU4Zi00YjA0LTllZjgtOGZhMTdkOWFhY2Yx
date: Tue, 30 Nov 2021 03:13:53 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2 200 redirect
pp.d2-apps.net/v1/ Frame DF03 43 B
397 B 638ms
246ms Image
image/gif 54.178.50.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pp.d2-apps.net/v1/redirect?p_id=bandsintown&p_uid=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fdnts_match%3Fid%3D60cc6507-658f-4b04-9ef8-8fa17d9aacf1%26dnts_uid%3D%24%7BD_UID%7D
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.50.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-50-49.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
last-modified: Tue, 30 Nov 2021 03:13:53 GMT
p3p: CP="CAO CUR ADM DEV PSA PSD OUR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
cross-origin-resource-policy: cross-origin
content-type: image/gif; charset=utf8
content-length: 43
expires: -1

GET
H/1.1

204
No Content

token
token.rubiconproject.com/ Frame DF03
Redirect Chain

https://ids.ad.gt/api/v1/rub?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
https://token.rubiconproject.com/token?pid=50242&puid=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&gdpr=0

0
214 B

30ms
7ms

Image
text/plain

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&gdpr=0
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://token.rubiconproject.com/token?pid=50242&puid=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&gdpr=0
date: Tue, 30 Nov 2021 03:13:53 GMT
server: nginx/1.18.0
content-length: 417
content-type: text/html; charset=utf-8

GET
H2

200

beeswax_match
ids.ad.gt/api/v1/ Frame DF03
Redirect Chain

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&_bee_ppp=1
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=ACB3BU7DSy4AACo9jHsDFQ&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1

43 B
478 B

511ms
382ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=ACB3BU7DSy4AACo9jHsDFQ&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=ACB3BU7DSy4AACo9jHsDFQ&id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1
Date: Tue, 30 Nov 2021 03:13:53 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 pixel.gif
dh014lg6uwepv.cloudfront.net/ 35 B
351 B 134ms
107ms Image
image/gif 2600:9000:236e:6e00:1a:5302:20c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1638242033250&site_uuid=fbda09f1-2c7e-4d13-b979-9446a67e7d25&hostname=sonichits.com&ad_unit=sonichits.com_Web_300x250_1&impression_type=undefined&device=desktop&country_code=DE
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6e00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:54 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
last-modified: Tue, 10 Sep 2019 16:08:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: AmeSpQBsY0Clrv65zbVhf28MQWFSCbbCt4sQwAwh03jyq3cCKJvdUA==

GET
H2 200 pixel.gif
dh014lg6uwepv.cloudfront.net/ 35 B
356 B 134ms
107ms Image
image/gif 2600:9000:236e:6e00:1a:5302:20c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1638242033251&site_uuid=fbda09f1-2c7e-4d13-b979-9446a67e7d25&hostname=sonichits.com&ad_unit=sonichits.com_Web_300x250_2&impression_type=undefined&device=desktop&country_code=DE
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6e00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:54 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
last-modified: Tue, 10 Sep 2019 16:08:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: RefreshHit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: qKa5-_XRfmIoLA9aNl_bv4tQO4ugwqhqjDs_RXdEw6-TUdkWrx9KmA==

POST
H2 201 event Show response
event.insticator.com/v1/ 0
118 B 92ms
92ms XHR
text/plain 52.202.233.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Requested by: Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/header-tags/fbda09f1-2c7e-4d13-b979-9446a67e7d25/22557fe2-2053-4345-90b4-a57ecf7c3b8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-233-191.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:53 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin

OPTIONS
H2 200 event
event.insticator.com/v1/ Frame 0
0 124ms
92ms Preflight 52.202.233.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-233-191.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type
Origin: https://sonichits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://sonichits.com
access-control-allow-headers: access-control-allow-origin,content-type
access-control-allow-methods: POST
access-control-allow-credentials: true

GET
H2 200 contents Show response
cms.instiengage.com/v3/ Frame A2E7 18 KB
18 KB 140ms
93ms XHR
application/json 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.instiengage.com/v3/contents?embed_uuid=6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a&cookie_id=null&content_order=RANDOM&for_embed=true&content_count=20
Requested by: Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash: ff5da44c9aa8cd3009f6659159c6fabbec63a8bae515e3edbc28a013976b7265

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:53 GMT
access-control-allow-credentials: true
content-length: 18638
vary: Origin
content-type: application/json

GET
H2 200 logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame A2E7 2 KB
2 KB 7ms
7ms Image
image/png 2600:9000:2156:e800:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 18:59:06 GMT
server: AmazonS3
age: 0
etag: "b5cc01468ea9b242e6354798d28874df"
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 30 Nov 2021 03:13:53 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2129
x-amz-cf-id: DhZq1IA3BfWg_m2FUitxW-BbaXk5RU5mgZL3Jv0StKcGK6lqjRrJZQ==

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame A2E7 47 KB
47 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sonichits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:26:13 GMT
x-content-type-options: nosniff
age: 308860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:26:13 GMT

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame A2E7 47 KB
47 KB 27ms
11ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sonichits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:26:13 GMT
x-content-type-options: nosniff
age: 308860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:26:13 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame A2E7 72 KB
73 KB 27ms
17ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin: https://sonichits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2610147
cf-ray: 6b60e705b9522c19-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73852
x-amz-id-2: BZLhrXkdVoijcO+aWdFJMtB70v3gDkahQfnUUJkBMAjcXF1y+XBGtNffWXB/iEfZ2Wmq+VMgBR0=
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
server: cloudflare
etag: "fb493903265cad425ccdf8e04fc2de61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oJEIEmGplJOUWuFSz1oUiFY7Sx3TQY%2Be1ELY0NCNqo%2Bm8uJbiUNcPjuwWxxZsGPLcCN%2B7hvmBrDdJ%2FhN%2B4vdARDQXLaMZEqqNwVHj%2B3975VFyBOdmJ%2BdwfNPzxs0%2BdwFSEFNTGev1hNfyXd%2BYZqRovB"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: M7JVP0BQT0DXXYA2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ Frame 0FA0 0
344 B 622ms
200ms Script
text/plain 52.89.213.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=5747408cafadca2ec735e02f7c0750c2&url=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fa%3DAdele%26t%3DEasy%2520On%2520ME&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.213.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-213-37.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 30 Nov 2021 03:13:54 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 0FA0 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: LEsyJp9yDWV3AgUHf4dXTNQ4+zXppriSiDx9JcasXIJ5+j9eaujjWf31NTWmI5Qm1kLDt5ZvGS+cJhQwOqLU4w==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 30 Nov 2021 03:13:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0FA0 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/95

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 766
date: Tue, 30 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 05:01:07 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ Frame 0FA0 1 KB
763 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 02:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Nov 2021 03:48:28 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame 0FA0 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Nov 2021 04:09:48 GMT

GET
H3 200 1853083501571805 Show response
connect.facebook.net/signals/config/ Frame 0FA0 308 KB
88 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eac7f65a06e90a0ea6602bf24ecc0eebe21e17168059157d11e604bb63d3a29e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90562
x-xss-protection: 0
pragma: public
x-fb-debug: Sy0nZddSPn6YCkXk0EmeWjap4VnObuMliM9J6g+BZ8MC9scYidH2/K4lRpXwkSTeuB6H0Xf9kTEca1iJtvzOFw==
x-frame-options: DENY
date: Tue, 30 Nov 2021 03:13:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
652 B 211ms
211ms Image
image/gif 52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=08122270-f26d-4235-bc7a-3e94fe779092&halo_id=0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

GET
H2 200 cm
u.openx.net/w/1.0/ Frame 0FA0 43 B
131 B 37ms
16ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3Df33a3d04-0a20-4aaa-9f92-ee2f823492b3
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:53 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ Frame 0FA0 43 B
652 B 219ms
219ms Image
image/gif 52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=f33a3d04-0a20-4aaa-9f92-ee2f823492b3&halo_id=0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ Frame DF03 43 B
652 B 204ms
204ms Image
image/gif 52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=60cc6507-658f-4b04-9ef8-8fa17d9aacf1&halo_id=0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 30 Nov 2021 15:13:53 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 0FA0 44 B
295 B 22ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fa%3DAdele%26t%3DEasy%2520On%2520ME&rl=https%3A%2F%2Fsonichits.com%2F&if=true&ts=1638242033718&cd[partner_id]=95&cd[tagger_id]=5747408cafadca2ec735e02f7c0750c2&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638242033717.1863506789&it=1638242033666&coo=false&tm=1&rqm=GET

Requested by

Host: sonichits.com
URL: https://sonichits.com/tf.php?a=Adele&t=Easy%20On%20ME

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 30 Nov 2021 03:13:53 GMT

POST
H2 201 event Show response
event.instiengage.com/v1/ Frame A2E7 0
118 B 93ms
92ms XHR
text/plain 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.instiengage.com/v1/event?event_name=event_question-loaded
Requested by: Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://sonichits.com
date: Tue, 30 Nov 2021 03:13:53 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin

GET
H2 200 GIm5OV5rY0w
static.instiengage.com/content_images/unsplash/ Frame A2E7 534 KB
535 KB 398ms
398ms Image
application/octet-stream 2600:9000:2156:e800:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/content_images/unsplash/GIm5OV5rY0w
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dd2649a00da72f743222cadca674cee4b10bd81f532b03a121817501bf10783

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 9LYxHZ6Rv1wbIjEDlavB_pjgaPKCueC9
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 14:56:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "eaf7d4fe7fc6c2aa805933e4a544c4fb"
x-cache: RefreshHit from cloudfront
content-type: application/octet-stream
cache-control: max-age=31536000,public
date: Tue, 30 Nov 2021 03:13:55 GMT
accept-ranges: bytes
content-length: 546792
x-amz-cf-id: o9w9YFbC4E8IMCJOtGVeaUh26h6xpEG98x3bnSWkNvUizYddK-3kRw==

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame A2E7 47 KB
47 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sonichits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:26:13 GMT
x-content-type-options: nosniff
age: 308860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:26:13 GMT

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
343 B 404ms
201ms Script
text/plain 52.89.213.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=5747408cafadca2ec735e02f7c0750c2&url=https%3A%2F%2Fsonichits.com%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.213.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-213-37.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 30 Nov 2021 03:13:54 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/95

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: LEsyJp9yDWV3AgUHf4dXTNQ4+zXppriSiDx9JcasXIJ5+j9eaujjWf31NTWmI5Qm1kLDt5ZvGS+cJhQwOqLU4w==
x-frame-options: DENY
date: Tue, 30 Nov 2021 03:13:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 02:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Nov 2021 03:48:28 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Nov 2021 04:09:48 GMT

GET
H3 200 cm
u.openx.net/w/1.0/ 43 B
75 B 207ms
15ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3D08122270-f26d-4235-bc7a-3e94fe779092
Requested by: Host: sonichits.com
URL: https://sonichits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:54 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ Frame DF03 0
343 B 394ms
201ms Script
text/plain 52.89.213.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=5747408cafadca2ec735e02f7c0750c2&url=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fs%3D1%26a%3DAdele%26t%3DEasy%2520On%2520ME&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.213.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-213-37.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 30 Nov 2021 03:13:54 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame DF03 98 KB
25 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/95

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: LEsyJp9yDWV3AgUHf4dXTNQ4+zXppriSiDx9JcasXIJ5+j9eaujjWf31NTWmI5Qm1kLDt5ZvGS+cJhQwOqLU4w==
x-frame-options: DENY
date: Tue, 30 Nov 2021 03:13:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame DF03 49 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/95

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 766
date: Tue, 30 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 05:01:07 GMT

GET
H3 200 cm
u.openx.net/w/1.0/ Frame DF03 43 B
75 B 207ms
16ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3D60cc6507-658f-4b04-9ef8-8fa17d9aacf1
Requested by: Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:54 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 event
event.instiengage.com/v1/ Frame 0
0 92ms
92ms Preflight 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.instiengage.com/v1/event?event_name=event_question-loaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://sonichits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 03:13:53 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://sonichits.com
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-credentials: true

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=502414451&t=pageview&_s=1&dl=https%3A%2F%2Fsonichits.com%2F&ul=en-us&de=UTF-8&dt=SonicHits%20%7C%20Lyrics%2C%20Song%20Meanings%2C%20Music%20Videos%2C%20Full%20Albums%20%26%20Artist%20Biographies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEI7EAAAAC~&jid=774353398&gjid=320523005&cid=1589219999.1638242033&tid=UA-87198801-1&_gid=2060345363.1638242033&_r=1&_slc=1&cd1=08122270-f26d-4235-bc7a-3e94fe779092&cd2=none&cd3=95&cd4=sonichits.com&cd5=%2F&cd6=Passive%20Tagger&cd7=5747408cafadca2ec735e02f7c0750c2&z=1341649704

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sonichits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eac7f65a06e90a0ea6602bf24ecc0eebe21e17168059157d11e604bb63d3a29e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90562
x-xss-protection: 0
pragma: public
x-fb-debug: Sy0nZddSPn6YCkXk0EmeWjap4VnObuMliM9J6g+BZ8MC9scYidH2/K4lRpXwkSTeuB6H0Xf9kTEca1iJtvzOFw==
x-frame-options: DENY
date: Tue, 30 Nov 2021 03:13:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1853083501571805 Show response
connect.facebook.net/signals/config/ Frame DF03 308 KB
88 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eac7f65a06e90a0ea6602bf24ecc0eebe21e17168059157d11e604bb63d3a29e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90562
x-xss-protection: 0
pragma: public
x-fb-debug: Sy0nZddSPn6YCkXk0EmeWjap4VnObuMliM9J6g+BZ8MC9scYidH2/K4lRpXwkSTeuB6H0Xf9kTEca1iJtvzOFw==
x-frame-options: DENY
date: Tue, 30 Nov 2021 03:13:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ Frame DF03 1 KB
763 B 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 02:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Nov 2021 03:48:28 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame DF03 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Nov 2021 04:09:48 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87198801-1&cid=1589219999.1638242033&jid=774353398&gjid=320523005&_gid=2060345363.1638242033&_u=aGDAAEI7EAAAAC~&z=725669165

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 03:13:54 GMT
content-type: text/plain
access-control-allow-origin: https://sonichits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 17ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fsonichits.com%2F&rl=&if=false&ts=1638242034040&cd[partner_id]=95&cd[tagger_id]=5747408cafadca2ec735e02f7c0750c2&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638242033717.1863506789&it=1638242034013&coo=false&tm=1&rqm=GET

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 30 Nov 2021 03:13:54 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame DF03 44 B
91 B 9ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fs%3D1%26a%3DAdele%26t%3DEasy%2520On%2520ME&rl=https%3A%2F%2Fsonichits.com%2F&if=true&ts=1638242034047&cd[partner_id]=95&cd[tagger_id]=5747408cafadca2ec735e02f7c0750c2&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638242033717.1863506789&it=1638242034015&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=Adele&t=Easy%20On%20ME

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 30 Nov 2021 03:13:54 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-87198801-1&cid=1589219999.1638242033&jid=774353398&_u=aGDAAEI7EAAAAC~&z=1484029376

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-87198801-1&cid=1589219999.1638242033&jid=774353398&_u=aGDAAEI7EAAAAC~&z=1484029376

Requested by

Host: sonichits.com
URL: https://sonichits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
326 B 46ms
14ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=88

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 03:13:54 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://sonichits.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
335 B 115ms
44ms XHR
application/json 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0d203f0fc78c3a66e5c30c3718267db7b8165cd5a2efd732e2154a8f66a978cb

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:54 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://sonichits.com
cache-control: no-cache
x-server: 10.45.13.14
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
660 B 31ms
31ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: ced055484b4be43f1b4befe3c912d30ed20792bc6e98a620b4516eecc25ae997

Request headers

Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 03:13:54 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sonichits.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Thu, 30 Dec 2021 03:13:54 GMT

GET
H3 200 lyrics Show response
sonichits.com/api/ 2 KB
1 KB 190ms
189ms XHR
application/json 2606:4700:20::681a:22c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sonichits.com/api/lyrics?artist=Adele&track=Easy+On+ME&ij=1
Requested by: Host: sonichits.com
URL: https://sonichits.com/js/?v=1636681992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe24864e4f53f5c791b7fd1430459727943e10f09b6ef2644f8b8cdcb901a46f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sonichits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: cache
date: Tue, 30 Nov 2021 03:13:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbIGnnYN%2BK3WxdVi1GpE8hnPhPEmNueaP63Dig%2F2PDA5DCIWfA71z68ddLrKLJ%2B76wm0hc6ZBDAC2LzmyGRuRFDci0m5b1g6Esf2nqWxm%2BhX%2BA0aQ0ddXqemKLYEDwyDsXKyn82n5cBYXcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sonichits.com/
cache-control: public, max-age=15724800
cf-ray: 6b60e70b1dcd7022-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 31 May 2022 03:13:54

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B947 0
15 B 14ms
6ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://sonichits.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://sonichits.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 30 Nov 2021 03:13:54 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 0FA0 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fa%3DAdele%26t%3DEasy%2520On%2520ME&rl=https%3A%2F%2Fsonichits.com%2F&if=true&ts=1638242035269&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638242033717.1863506789&it=1638242033666&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 30 Nov 2021 03:13:55 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 185 KB
61 KB 35ms
9ms Script
application/x-javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: TIXEr4j9ZaZJgKeoVZ8ehYwv1bF6gSxj
content-encoding: gzip
etag: W/"a8f24de78b4dc3ecbbff83b08aa9e411"
age: 73970
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:73702bf1-4472-485c-9bda-886a8f21cacd
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 6bc77264d69b4716594d8b5229cafdb9
last-modified: Wed, 17 Nov 2021 08:31:53 GMT
server: AmazonS3
date: Mon, 29 Nov 2021 06:41:06 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 67c429bc2e760b9ca91a98648469be411bfcccf8bfb6ea245b28e6585b1861aa
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8675.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA60-P3
content-type: application/x-javascript
x-amz-cf-id: eQfKy_SiTD_Y09SZXuelxHWdKHufHXsLyUBZ_80YO7uMWmcj1SfwOg==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
593 B 109ms
7ms Fetch
application/json 13.225.77.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-75.fra2.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 14:32:52 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront), 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
age: 45663
x-amzn-requestid: 0035ad88-6a15-4886-b681-75468265c26a
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61a4e494-4163f1341b701de36367a844;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1, FRA2-C2
x-amz-apigw-id: JkinRHAVDoEFh-Q=
content-length: 30
x-amz-cf-id: YPl0Y1ggv2ZU_qi7yNUCyQjXdl_coGOfHE543SzVbqUBqUcz_FwMFw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H3 200 /
www.facebook.com/tr/ Frame DF03 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Fsonichits.com%2Ftf.php%3Fs%3D1%26a%3DAdele%26t%3DEasy%2520On%2520ME&rl=https%3A%2F%2Fsonichits.com%2F&if=true&ts=1638242035567&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638242033717.1863506789&it=1638242034015&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 30 Nov 2021 03:13:55 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 0529
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1

2 KB
3 KB

17ms
17ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 03257a9fbd601c968fe545eff8150d0277506597747ffd3582bd2ede06f7ceb9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|230|241|57|196|47|156
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1664
Expires: Tue, 30 Nov 2021 03:13:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 344
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 30 Nov 2021 03:13:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive

GET
H2 200 2b9d395f79fd97a5 Show response
sync.e-planning.net/uspd/1/ Frame 1A8A 2 KB
1 KB 56ms
16ms Document
text/html 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 93b7ae16e62f81ab23eb6a7a375d24bf0f02caeaae6e9dbcdadcbb9bf6a99d15

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

server: openresty
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html
cache-control: max-age=0, no-cache
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires: Tue, 30 Nov 2021 03:13:56 GMT
x-sid: AMS-606
content-encoding: gzip

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 1AB1 2 KB
1 KB 26ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive

GET
H2 200 sync.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 8AB8 2 KB
1 KB 50ms
17ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html
last-modified: Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 2394
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9oVXmqfL9R9rpS4PHjbBaO7Zy9aIw%2B2pAHU1oOxOmGbtQ%2Fxl5QcqhA%2Fik%2BriE50iV4ss%2F5ECvzcmMQ5H2hjpo88mLV%2F9qQmGoJEQC9IeikIqmwZVQpWbffZ%2BhOqff2JxIDol8e2NojqP9wFDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b60e716d841c2e0-FRA
content-encoding: br

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame CC34 17 KB
6 KB 146ms
32ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C9B) /
Resource Hash: 62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 215
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Tue, 30 Nov 2021 03:13:56 GMT
etag: "450f-5c7a90520f640"
expires: Tue, 30 Nov 2021 03:28:56 GMT
last-modified: Wed, 21 Jul 2021 21:40:33 GMT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server: ECAcc (mil/6C9B)
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-varnish: 965727850
content-length: 5566

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 6470 926 B
1 KB 51ms
15ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

Date: Tue, 30 Nov 2021 03:13:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: iThDOqIsDS8Lc8XERmO4THti/L0TNokZlU7KZ5ydViHoGsz8wSrXydQlClxKzw+8VZ9YuulUJ7s=
x-amz-request-id: 5S3T1K5V2G9VMX3D
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 5210
Expires: Tue, 30 Nov 2021 03:14:56 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b60e716dff468fd-FRA
Content-Encoding: gzip

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1F83
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator

281 B
554 B

31ms
7ms

Document
text/html

23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 204 ps
ssc-cms.33across.com/ Frame 43E5 0
0 361ms
112ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D33XUSERID33X
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Tue, 30 Nov 2021 03:13:56 GMT

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 6EC7 0
35 B 17ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.221.0
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7B65 2 KB
814 B 19ms
19ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1638242032452

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 89DA 0
0 358ms
111ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Tue, 30 Nov 2021 03:13:56 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5810 2 KB
814 B 18ms
18ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5649f68000b2f63

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8845 52 KB
17 KB 37ms
11ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 01 Dec 2021 03:13:58 GMT
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame E041 7 KB
2 KB 43ms
18ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2986c79cdcd85c6c68cff6cb014634dc7b7467054a65c4a2063d25797db340

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://sonichits.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b60e716dac94e44-FRA
content-encoding: br

GET
H2 204 services
sync.technoratimedia.com/ 0
292 B 108ms
99ms Image
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=90&uid=5721953d-9d5b-40ae-88b6-e6eaac5b9422&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsynacor%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%5BUSER_ID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 582061577
access-control-allow-origin: https://sonichits.com/
access-control-allow-credentials: true

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=insticator&custom_data=5721953d-9d5b-40ae-88b6-e6eaac5b9422
https://x.bidswitch.net/ul_cb/sync?ssp=insticator&custom_data=5721953d-9d5b-40ae-88b6-e6eaac5b9422
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8535d9e1-fab2-4fd7-8092-f8af213b6c64&ssp=insticator&gdpr=&gdpr_consent=

43 B
324 B

33ms
15ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8535d9e1-fab2-4fd7-8092-f8af213b6c64&ssp=insticator&gdpr=&gdpr_consent=
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8535d9e1-fab2-4fd7-8092-f8af213b6c64&ssp=insticator&gdpr=&gdpr_consent=
Date: Tue, 30 Nov 2021 03:13:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

204

5721953d-9d5b-40ae-88b6-e6eaac5b9422
ex.ingage.tech/v1/sync/amx/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D
https://ex.ingage.tech/v1/sync/amx/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=18582f18-3977-4dba-96ec-24b23aee269b&gdpr=0

0
76 B

108ms
108ms

Image
text/plain

2606:4700:10::6816:b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ex.ingage.tech/v1/sync/amx/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=18582f18-3977-4dba-96ec-24b23aee269b&gdpr=0
Protocol: H2
Server: 2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
cache-control: private, max-age=1296000
access-control-allow-credentials: true
cf-ray: 6b60e7176b677028-FRA

Redirect headers

location: https://ex.ingage.tech/v1/sync/amx/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=18582f18-3977-4dba-96ec-24b23aee269b&gdpr=0
date: Tue, 30 Nov 2021 03:13:55 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
content-length: 0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ 0
478 B 65ms
18ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsonobi%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 23ms
22ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H2

204

5721953d-9d5b-40ae-88b6-e6eaac5b9422
ex.ingage.tech/v1/sync/sovrn/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID&sovrn_retry=true
https://ex.ingage.tech/v1/sync/sovrn/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=811336cca82ee4699fb6154b

0
35 B

246ms
244ms

Image
text/plain

2606:4700:10::6816:b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ex.ingage.tech/v1/sync/sovrn/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=811336cca82ee4699fb6154b
Protocol: H2
Server: 2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
cache-control: private, max-age=1296000
access-control-allow-credentials: true
cf-ray: 6b60e7179b987028-FRA

Redirect headers

Date: Tue, 30 Nov 2021 03:13:56 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ex.ingage.tech/v1/sync/sovrn/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=811336cca82ee4699fb6154b
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET K71oV3YXLnxyXq77Uz80
cs.admanmedia.com/sync/ 0
0

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3De9f6dbc5959c14ee%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3De9f6dbc5959c14ee%26uid%3D%24UID&sovrn_retry=true
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=e9f6dbc5959c14ee&uid=811336cca82ee4699fb6154b

42 B
103 B

56ms
18ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=e9f6dbc5959c14ee&uid=811336cca82ee4699fb6154b
Protocol: H2
Server: 46.249.52.249 Huissen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Tue, 30 Nov 2021 03:13:56 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=e9f6dbc5959c14ee&uid=811336cca82ee4699fb6154b
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: sonichits.com
URL: https://sonichits.com/js/?v=1636681992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c154efe1ebee795b74093dff22cdfec5090ca5f5d409e2031319f84d4109d935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: f4+nScQGyq5pnbZ2oMxW5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: hTdtABFqIIhw9DcvPwOCJNkI07h6MkiHRF76IglQ87YRxwVArn3c3Vaq2V2c1xGyKfTlEtjaLq2cJXaQnR+3AA==
x-fb-content-md5: 3f269df8ab782dceab4f8079b3d50bb1
x-frame-options: DENY
date: Tue, 30 Nov 2021 03:13:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8b29ce59c86c7cd5eff90d75cfb36db2"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 30 Nov 2021 03:21:50 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
81 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7cdf96dcae4cd23a536f633172157322

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0539a6a98c6ffe19e12e984109940a1bb6acece25002e57154f5da23a07db1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sonichits.com/
Origin: https://sonichits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QRw2Ha6JAye1B4WeG7lpeg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 30 Nov 2022 03:01:50 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82871
x-fb-rlafr: 0
x-fb-debug: xjwN9/N5sll0O2nG1nVFvff4jLrEjqHnQJUFngpWFsvB3u4RALMgTD962wbOIsypID5MW57VVCeyQ68W5VbkqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 82d11e65aedd7c6e239098a807649cf0
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 03:13:56 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9cb2ac174e0f5cfd2000fdf45613c9c2"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0529
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaWW9P3WdfZdihPmS2mg8wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK-Pbe5FPX_cgBskvs2UzGc&google_cver=1&gdpr=1

43 B
1000 B

12ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK-Pbe5FPX_cgBskvs2UzGc&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 03:13:56 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK-Pbe5FPX_cgBskvs2UzGc&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 0529 70 B
264 B 31ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 0529
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBDdrmgJuXD_Bh9zxikOBsQ&google_cver=1

43 B
315 B

10ms
9ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBDdrmgJuXD_Bh9zxikOBsQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 30 Nov 2021 03:13:56 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBDdrmgJuXD_Bh9zxikOBsQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 0529
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB&dcc=t

43 B
645 B

104ms
104ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: T68AT00HB4H5PSF7FA44
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4T17ZDR38TRVEF5TDBJT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0529
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1920574142287785909

43 B
1 KB

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1920574142287785909
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 03:13:57 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1920574142287785909
Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame 0529 0
215 B 63ms
18ms Image
text/plain 51.178.20.140
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31193670.ip-51-178-20.eu
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0529
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=pZbEWWSB1MRTAE5&gdpr=1

43 B
1015 B

14ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=pZbEWWSB1MRTAE5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 03:13:56 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:55 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=pZbEWWSB1MRTAE5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 0529 35 B
380 B 385ms
94ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:54 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 204 5721953d-9d5b-40ae-88b6-e6eaac5b9422
ex.ingage.tech/v1/sync/ix/ Frame 0529 0
53 B 197ms
197ms Image
text/plain 2606:4700:10::6816:b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ex.ingage.tech/v1/sync/ix/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D&s=192379&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
cache-control: private, max-age=604800
access-control-allow-credentials: true
cf-ray: 6b60e7175b547028-FRA

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 0E46 54 B
326 B 11ms
10ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://sonichits.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Tue, 30 Nov 2021 03:13:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame E041 0
0 7ms
6ms Image
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e...
https://mwzeom.zeotap.com/mw?google_gid=CAESEEegfEcZxq6oCgJssPGBc0s&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c...

95 B
181 B

33ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEEegfEcZxq6oCgJssPGBc0s&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e717ab864e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEEegfEcZxq6oCgJssPGBc0s&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=45189448-e9f8-4288-9aec-2dfb1e4a1612&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de...

95 B
153 B

15ms
15ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=45189448-e9f8-4288-9aec-2dfb1e4a1612&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e717ebcf4e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=45189448-e9f8-4288-9aec-2dfb1e4a1612&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame E041 0
331 B 53ms
16ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D9...
https://mwzeom.zeotap.com/mw?cid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de...

95 B
153 B

18ms
18ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e717cbaf4e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=7fed5bb0-88f2-48f6-ab21-42aa630a8387&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame E041 0
77 B 19ms
14ms Image
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638242036.391784,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19169-FRA

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame E041 0
411 B 571ms
102ms Image
text/html 2600:1f18:6593:f608:82c4:8e67:4786:1156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f608:82c4:8e67:4786:1156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=204A8A74-7C40-464A-837C-6826C42325CA&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c...

95 B
153 B

18ms
17ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=204A8A74-7C40-464A-837C-6826C42325CA&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e717ebcd4e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=204A8A74-7C40-464A-837C-6826C42325CA&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
date: Tue, 30 Nov 2021 03:13:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=136...
https://mwzeom.zeotap.com/mw?cid=19937ff7-8879-4232-a5a5-a7002f27665e&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
153 B

17ms
17ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=19937ff7-8879-4232-a5a5-a7002f27665e&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e718cc5b4e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=19937ff7-8879-4232-a5a5-a7002f27665e&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=749bc7fb-c9af-43dd-556e-949ae0e22221&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://mwzeom.zeotap.com/mw?cid=27369775413816376110146659282807109481&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-...

95 B
153 B

16ms
16ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=27369775413816376110146659282807109481&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e717cbb04e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v020-02e17ecc8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: VWdcgHvqSkY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=27369775413816376110146659282807109481&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame E041 0
324 B 154ms
29ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7036195967558482059&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-...

95 B
153 B

15ms
15ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7036195967558482059&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e717cbb54e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7036195967558482059&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame E041
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=749bc7fb-c9af-43dd-556e-949ae0e22221
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=749bc7fb-c9af-43dd-556e-949ae0e22221

95 B
425 B

15ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=749bc7fb-c9af-43dd-556e-949ae0e22221

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=749bc7fb-c9af-43dd-556e-949ae0e22221
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=749bc7fb-c9af-43dd-556e-949ae0e22221&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=749bc7fb-c9af-43dd-556e-949ae0e22221&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=Knt2pZcuuf.ITR4mZBsQvu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41...

95 B
153 B

21ms
20ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=Knt2pZcuuf.ITR4mZBsQvu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e717fbdb4e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
last-modified: Tue, 30 Nov 2021 03:13:56 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=Knt2pZcuuf.ITR4mZBsQvu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e...
https://mwzeom.zeotap.com/mw?cid=

95 B
153 B

25ms
25ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e7185c194e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=
pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=749bc7fb-c9af-43dd-556e-949ae0e22221?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=749bc7fb-c9af-43dd-556e-949ae0e22221?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=5add69d7d1f9ced71d7610b9271076fa&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d...

95 B
153 B

28ms
28ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=5add69d7d1f9ced71d7610b9271076fa&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e7186c324e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=5add69d7d1f9ced71d7610b9271076fa&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
cache-control: no-cache
x-server: 10.45.31.184
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-DXfpGpVE2ordqZo.srcX5Z5Qmu1RufhJzA--~A&zpartnerid=570&env=mWeb

95 B
153 B

18ms
17ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-DXfpGpVE2ordqZo.srcX5Z5Qmu1RufhJzA--~A&zpartnerid=570&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e718dc624e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Tue, 30 Nov 2021 03:13:56 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-DXfpGpVE2ordqZo.srcX5Z5Qmu1RufhJzA--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=NZzY1EoA079tjhu3Kzw24fnBUm5Bbg7M%2BS41iYitP1U%3D

95 B
153 B

20ms
19ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=NZzY1EoA079tjhu3Kzw24fnBUm5Bbg7M%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e7185c174e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=NZzY1EoA079tjhu3Kzw24fnBUm5Bbg7M%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame E041 43 B
106 B 18ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=749bc7fb-c9af-43dd-556e-949ae0e22221&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E041 0
338 B 125ms
31ms Image
text/plain 54.77.169.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.169.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-169-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1638242036
x-served-by: beacon-n006-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame E041 95 B
358 B 13ms
13ms Image
image/png 162.55.236.225
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=749bc7fb-c9af-43dd-556e-949ae0e22221&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.225.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame E041
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...

85 B
160 B

7ms
6ms

Image
image/png

151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361&_test=YaWW9AAIai8Q0wBG
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 335
x-served-by: cache-hhn4044-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1638242037.625674,VS0,VE0
content-length: 85
x-cache-hits: 657

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1638242037.518984,VS0,VE89
x-served-by: cache-hhn4044-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc7fb-c9af-43dd-556e-949ae0e22221%26reqId%3D92a56c61-5d13-41de-5e93-2303ad0d5881%26zdid%3D1361&_test=YaWW9AAIai8Q0wBG
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H/1.1 204 v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame E041 0
76 B 102ms
30ms Image
text/plain 54.217.170.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.217.170.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-170-69.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
server: nginx/1.20.1

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E041
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d...

0
337 B

32ms
31ms

Image
text/plain

54.77.169.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 54.77.169.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-169-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1638242036
x-served-by: beacon-n013-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
date: Tue, 30 Nov 2021 03:13:56 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame E041
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=749bc7fb-c9af-43dd-556e-949ae0e22221&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=749bc7fb-c9af-43dd-556e-949ae0e22221&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556...

43 B
645 B

33ms
32ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=749bc7fb-c9af-43dd-556e-949ae0e22221&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZXBZ164TB2AAQB84YHF1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4SDGZDK3J7RSKB80HAS1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=749bc7fb-c9af-43dd-556e-949ae0e22221&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://tags.bluekai.com/site/87734?id=749bc7fb-c9af-43dd-556e-949ae0e22221&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

95 B
153 B

33ms
33ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e719bd0b4e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 5fce
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E041
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361

95 B
153 B

15ms
14ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e7190c8a4e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361
date: Tue, 30 Nov 2021 03:13:56 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

um
u-ams02.e-planning.net/ Frame 1A8A
Redirect Chain

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D53fc3b21b0553aaa
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=53fc3b21b0553aaa

42 B
103 B

13ms
13ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=53fc3b21b0553aaa
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: H2
Server: 46.249.52.249 Huissen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
server: openresty
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=53fc3b21b0553aaa
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 dataxpand_28122020.js Show response
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 1A8A 39 KB
14 KB 63ms
20ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 16:45:03 GMT
server: openresty
etag: W/"5fea0b8f-9a72"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sun, 29 Nov 2026 03:13:56 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 1A8A 43 B
351 B 36ms
15ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D53fc3b21b0553aaa%26uid%3D%24%7BUID%7D
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:55 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 4f9ljr5prv04jmmsai4q8jpqsrhbngcn

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame 1A8A 5 KB
2 KB 414ms
103ms Script
text/plain 52.86.83.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.83.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-83-177.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: b6e2670961b829e6118412f4c20e9d08ec6376f48ee9238fbb147d8906029864

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 03:13:56 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1682

GET
H2 200 lotame.js Show response
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 1A8A 266 B
416 B 42ms
21ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 16:18:03 GMT
server: openresty
etag: W/"5fb69abb-10a"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sun, 29 Nov 2026 03:13:56 GMT

GET
H2

200

/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 1A8A
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D53fc3b21b0553aaa
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F

95 B
222 B

13ms
13ms

Image
image/png

162.55.236.225
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: H2
Server: 162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.225.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

Redirect headers

location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
date: Tue, 30 Nov 2021 03:13:56 GMT
server: nginx/1.14.2
content-type: text/html; charset=UTF-8

GET
H2

200

um
u-ams02.e-planning.net/ Frame 1A8A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D53fc3b21b0553aaa%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=53fc3b21b0553aaa&uid=1499637864729228157

42 B
104 B

49ms
13ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=53fc3b21b0553aaa&uid=1499637864729228157
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: H2
Server: 46.249.52.249 Huissen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8b5b99fa-6cf0-49c5-b5cb-76ced4b66a7c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=53fc3b21b0553aaa&uid=1499637864729228157
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 29ms
29ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=640891275947728&input_token&origin=1&redirect_uri=https%3A%2F%2Fsonichits.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7cdf96dcae4cd23a536f633172157322

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sonichits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 5Yp4PacNapByCCy2jY1pbmgR/MhFXtUr2T6ycC3W6MnR+v9wcm1hVmHiccsl1qSCLT0NRuczg+aagsrP9ZWkPQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Tue, 30 Nov 2021 03:13:56 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sonichits.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 8AB8 35 B
266 B 393ms
100ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?
Requested by: Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1F83 32 KB
10 KB 8ms
8ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 88b8317bad05fa241b8001ba25175171729b7df8d67f4f1c796e36e52a4a624e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 03:13:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9129
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9512
Expires: Tue, 30 Nov 2021 05:46:05 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 154A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

7ms
7ms

Document
text/html

23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 806F 14 KB
5 KB 7ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=69693
expires: Tue, 30 Nov 2021 22:35:29 GMT
date: Tue, 30 Nov 2021 03:13:56 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8845 0
731 B 11ms
6ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3432675a-67aa-44f8-921a-2686ef0324f0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum.casalemedia.com/ Frame 4521 2 KB
3 KB 46ms
17ms Document
text/html 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6a34c984bb6643204361fe1afeb3fb66b45e5fb639f1749d24dfb70e043b8114

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 46|73|4|3|88|218|57|41
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1615
Expires: Tue, 30 Nov 2021 03:13:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 39D4 2 KB
814 B 20ms
18ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame CE36 322 B
692 B 21ms
21ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5082577e7523d8cd294ae5eb221c3cc344649bbb21ea61d628582c84351c4e2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://sync.e-planning.net
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b60e717dbc14e44-FRA
content-encoding: br

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 154A 32 KB
10 KB 10ms
7ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 88b8317bad05fa241b8001ba25175171729b7df8d67f4f1c796e36e52a4a624e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 03:13:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9129
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9512
Expires: Tue, 30 Nov 2021 05:46:05 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 806F 5 KB
6 KB 18ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36828445&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0557bd78c1a1bb8bdd293eb515a3ecf0abb02d502b3596caf0b80273fde2de83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 6CAD
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=204A8A74-7C40-464A-837C-6826C42325CA
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=204A8A74-7C40-464A-837C-6826C42325CA

35 B
467 B

23ms
16ms

Document
image/gif

37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=204A8A74-7C40-464A-837C-6826C42325CA

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 30 Nov 2021 03:13:56 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=204A8A74-7C40-464A-837C-6826C42325CA
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame E4B8
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1329858896597773705

42 B
211 B

17ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1329858896597773705
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug004:0:437
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1329858896597773705
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 7AE3 43 B
334 B 103ms
13ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 30 Nov 2021 03:13:55 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Tue, 30 Nov 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 520062

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C96D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036195967558482059

42 B
389 B

18ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036195967558482059
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug015:0:410
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 30 Nov 2021 03:13:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036195967558482059

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 07EC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaWW9AAIVQbjNABR&gdpr=0&gdpr_consent=&_test=YaWW9AAIVQbjNABR

1 B
237 B

18ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaWW9AAIVQbjNABR&gdpr=0&gdpr_consent=&_test=YaWW9AAIVQbjNABR
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug017:0:526
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaWW9AAIVQbjNABR&gdpr=0&gdpr_consent=&_test=YaWW9AAIVQbjNABR
accept-ranges: bytes
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 varnish
x-served-by: cache-hhn4044-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1638242037.615458,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 8907
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUNCM0JVN0RTeTRBQUNvOWpIc0RGUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

31ms
28ms

Document
image/gif

52.49.134.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.134.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-134-174.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 30 Nov 2021 03:13:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Tue, 30 Nov 2021 03:13:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7DFE
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
107 B

23ms
17ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug022:2:198
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Tue, 30 Nov 2021 03:13:56 GMT
server: _

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7C30
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NNanEyrK70Y0CmUnG7wMX5sh

42 B
216 B

18ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NNanEyrK70Y0CmUnG7wMX5sh
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug021:0:471
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Tue, 30 Nov 2021 03:13:56 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NNanEyrK70Y0CmUnG7wMX5sh
strict-transport-security: max-age=0; includeSubDomains;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1BCC
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8386837721
https://sync.1rx.io/usersync/tradedesk/7fed5bb0-88f2-48f6-ab21-42aa630a8387
https://sync.targeting.unrulymedia.com/csync/RX-04db035f-b74a-453f-8db7-81177f6b382e-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-04db035f-b74a-453f-8db7-81177f6b382e-003

42 B
229 B

17ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-04db035f-b74a-453f-8db7-81177f6b382e-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug005:0:466
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-04db035f-b74a-453f-8db7-81177f6b382e-003
etag: RX04db035fb74a453f8db781177f6b382e003

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame DFA6 15 B
915 B 48ms
20ms Document
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b60e7184be4697f-FRA

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 4E38 43 B
408 B 72ms
12ms Document
image/gif 72.251.245.181
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Tue, 30 Nov 2021 03:13:56 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 1CEE 43 B
280 B 112ms
26ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Vary: Accept-Encoding
X-adserver-worker: leviathan-eac225d354c2@version_1.358
Connection: close
X-server-arch: v2
Content-Type: image/gif
Content-Length: 43
X-core-time: 1ms
Date: Tue, 30 Nov 2021 03:13:56 GMT

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 5EE4
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bf782a62-2597-4fe6-9230-c36e609c797b-tuct89f1c74&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
147 B

46ms
13ms

Document
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bf782a62-2597-4fe6-9230-c36e609c797b-tuct89f1c74&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 varnish
x-served-by: cache-fra19139-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1638242037.557290,VS0,VE9
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bf782a62-2597-4fe6-9230-c36e609c797b-tuct89f1c74&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 varnish
x-served-by: cache-fra19169-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1638242037.510920,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame EEE1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
421 B

189ms
180ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b60e7198f8ec2db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 619
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b60e7185ecbc2db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 um Show response
u-ams02.e-planning.net/ Frame E9CB 42 B
103 B 13ms
13ms Document
image/gif 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=53fc3b21b0553aaa&uid=204A8A74-7C40-464A-837C-6826C42325CA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 Huissen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: openresty
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: image/gif

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 806F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IEqKdHxARkqDfGgmxCMlyg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

7ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=69693
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Tue, 30 Nov 2021 22:35:29 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2bf161a5-96f4-4000-a3e0-bde7f264dc61

0
260 B

59ms
13ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2bf161a5-96f4-4000-a3e0-bde7f264dc61
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:55 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2bf161a5-96f4-4000-a3e0-bde7f264dc61
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 30 Nov 2021 03:13:55 GMT

GET
H2

200

/
spl.zeotap.com/ Frame 806F
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=204A8A74-7C40-464A-837C-6826C42325CA
https://spl.zeotap.com/?zdid=1332&zcluid=c56ac35b42323833

95 B
542 B

19ms
18ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1332&zcluid=c56ac35b42323833
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6b60e718ac4d4e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://spl.zeotap.com?zdid=1332&zcluid=c56ac35b42323833
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjA0QThBNzQtN0M0MC00NjRBLTgzN0MtNjgyNkM0MjMyNUNB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

17ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:397
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHH96S6dE8nBOWyM9HMEVcU&google_cver=1

42 B
284 B

17ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHH96S6dE8nBOWyM9HMEVcU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:423
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHH96S6dE8nBOWyM9HMEVcU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 806F 43 B
616 B 50ms
12ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 29 Nov 2021 03:13:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b85261a5-96f4-4800-9343-4b75fdab7c03&gdpr=0&gdpr_consent=

42 B
343 B

20ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b85261a5-96f4-4800-9343-4b75fdab7c03&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:2684
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b85261a5-96f4-4800-9343-4b75fdab7c03&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 30 Nov 2021 03:13:55 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8916238368866614867

42 B
235 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8916238368866614867
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:489
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8916238368866614867
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7fed5bb0-88f2-48f6-ab21-42aa630a8387

42 B
293 B

17ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7fed5bb0-88f2-48f6-ab21-42aa630a8387
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:401
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7fed5bb0-88f2-48f6-ab21-42aa630a8387
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1499637864729228157&gdpr=0&gdpr_consent=

42 B
210 B

17ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1499637864729228157&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:481
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 326b8ddb-6304-424a-89a1-91a0adb5243c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1499637864729228157&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iSHW24Ym0dqSKIHZ3SKa2Id00deSKdTdiyZm_Sb4

42 B
311 B

18ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iSHW24Ym0dqSKIHZ3SKa2Id00deSKdTdiyZm_Sb4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:413
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iSHW24Ym0dqSKIHZ3SKa2Id00deSKdTdiyZm_Sb4
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 204A8A74-7C40-464A-837C-6826C42325CA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 806F 43 B
872 B 114ms
36ms Image
image/gif 2a05:d018:d29:3602:e219:12f7:637c:c071
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/204A8A74-7C40-464A-837C-6826C42325CA?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:e219:12f7:637c:c071 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=204A8A74-7C40-464A-837C-6826C42325CA&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=204A8A74-7C40-464A-837C-6826C42325CA&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-e5gRCmtE2uVKD7Qf4.wZtlFgrj1I0mk-~A&gdpr=0&gdpr_consent=

0
48 B

59ms
13ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-e5gRCmtE2uVKD7Qf4.wZtlFgrj1I0mk-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:55 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-e5gRCmtE2uVKD7Qf4.wZtlFgrj1I0mk-~A&gdpr=0&gdpr_consent=
date: Tue, 30 Nov 2021 03:13:56 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2812522333820147681&gdpr=0&gdpr_consent=&us_privacy=

1 B
167 B

18ms
17ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2812522333820147681&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:450
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2812522333820147681&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=9f863214-4ec6-4ef8-b97f-1d0b1210f6ae&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8535d9e1-fab2-4fd7-8092-f8af213b6c64&gdpr=&gdpr_consent=&gdpr_pd=

1 B
305 B

18ms
17ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8535d9e1-fab2-4fd7-8092-f8af213b6c64&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:345
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8535d9e1-fab2-4fd7-8092-f8af213b6c64&gdpr=&gdpr_consent=&gdpr_pd=
Date: Tue, 30 Nov 2021 03:13:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 806F 0
104 B 132ms
59ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=204A8A74-7C40-464A-837C-6826C42325CA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
204 B

18ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:455
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:55 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:37386c78-08d3-439a-979f-9fd3634bdcab&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
187 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:37386c78-08d3-439a-979f-9fd3634bdcab&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:57 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:467
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:37386c78-08d3-439a-979f-9fd3634bdcab&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 30 Nov 2021 03:13:57 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 806F
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1499637864729228157

42 B
116 B

18ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1499637864729228157
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:365
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 628d1dc7-49e0-4fb0-8d8c-4c907793494c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1499637864729228157
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame 806F 35 B
238 B 112ms
31ms Image
image/gif 34.254.143.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-235.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CE36
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D749bc...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=97e31900-6a39-46b3-67db-12b67d1e5a7e&zdid=1361

95 B
153 B

15ms
15ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=97e31900-6a39-46b3-67db-12b67d1e5a7e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b60e7190c884e44-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=97e31900-6a39-46b3-67db-12b67d1e5a7e&zdid=1361
date: Tue, 30 Nov 2021 03:13:56 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 4521 0
0 8ms
7ms Image
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4521 43 B
874 B 102ms
37ms Image
image/gif 2a05:d018:d29:3602:e219:12f7:637c:c071
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YaWW9P3WdfZdihPmS2mg8wAABIUAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:e219:12f7:637c:c071 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4521
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2596349551706363873

43 B
1 KB

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2596349551706363873
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 03:13:56 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2596349551706363873
pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4521
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1aee61a5-96f4-4400-ab12-4bd646cf2d8c&gdpr=1&gdpr_consent=

43 B
1 KB

34ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1aee61a5-96f4-4400-ab12-4bd646cf2d8c&gdpr=1&gdpr_consent=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 03:13:56 GMT

Redirect headers

Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1aee61a5-96f4-4400-ab12-4bd646cf2d8c&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 30 Nov 2021 03:13:55 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4521
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YaWW9AAIakgQ8gBG
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YaWW9AAIakgQ8gBG&gdpr=1&_test=YaWW9AAIakgQ8gBG

43 B
1 KB

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YaWW9AAIakgQ8gBG&gdpr=1&_test=YaWW9AAIakgQ8gBG
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 03:13:56 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1638242037.629911,VS0,VE0
x-served-by: cache-hhn4044-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YaWW9AAIakgQ8gBG&gdpr=1&_test=YaWW9AAIakgQ8gBG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YaWW9P3WdfZdihPmS2mg8wAA%261157
dpm.demdex.net/ Frame 4521 0
0 31ms
30ms Image
application/json 54.72.239.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YaWW9P3WdfZdihPmS2mg8wAA%261157?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.239.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-239-169.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4521
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1992631735042310040

43 B
1 KB

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1992631735042310040
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 03:13:57 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1992631735042310040
Date: Tue, 30 Nov 2021 03:13:57 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 4521 43 B
408 B 55ms
12ms Image
image/gif 72.251.245.181
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-8
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 um
u-ams02.e-planning.net/ Frame 4521 42 B
103 B 14ms
13ms Image
image/gif 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=53fc3b21b0553aaa&uid=YaWW9P3WdfZdihPmS2mg8wAA%261157
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 Huissen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
server: openresty
content-type: image/gif

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/15238/ Frame 1A8A 38 KB
11 KB 26ms
8ms Script
application/json 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 20:40:11 GMT
content-encoding: gzip
etag: W/"2b2f816f40499d384e118ce88a266e02"
last-modified: Thu, 02 Jul 2020 15:35:12 GMT
server: AmazonS3
age: 23626
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 3f52d342c56014599dee37446f6c9f2f.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: UrmY20xKzT1zEtpscjhE8YH9ESTceAgot_uU7zOoahseXbPmRlIBug==

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 7823 636 B
578 B 13ms
13ms Document
text/html 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/

Response headers

server: openresty
date: Tue, 30 Nov 2021 03:13:56 GMT
content-type: text/html
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
etag: W/"601b131c-27c"
expires: Sun, 29 Nov 2026 03:13:56 GMT
cache-control: max-age=157680000
access-control-allow-origin: *
content-encoding: gzip

GET
H2 204 5721953d-9d5b-40ae-88b6-e6eaac5b9422
ex.ingage.tech/v1/sync/eplanning/ Frame 9BDA 0
0 122ms
122ms Document
text/plain 2606:4700:10::6816:b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/sync/eplanning/5721953d-9d5b-40ae-88b6-e6eaac5b9422?uid=AJW33gWmCu8hm3g6
Requested by: Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/

Response headers

date: Tue, 30 Nov 2021 03:13:56 GMT
vary: Origin
access-control-allow-credentials: true
cache-control: private, max-age=1296000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b60e71a1e017028-FRA

GET
H/1.1 200
OK GS.d Show response
js.cookieless-data.com/ Frame 7823 0
535 B 107ms
32ms Script
text/plain 212.83.160.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fsync.e-planning.net%2F&s=&rand=1638242036833

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.83.160.162 Massy, France, ASN12876 (Online SAS, FR),

Reverse DNS

212-83-160-162.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 03:13:56 GMT
Server: nginx/1.11.3
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1F83 284 B
536 B 8ms
7ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 154A 284 B
536 B 8ms
8ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H/1.1 200 ptrack Show response
a.audrte.com/ Frame 1A8A 368 B
879 B 104ms
104ms XHR
text/plain 52.86.83.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptrack?arlocation=91.199.118.73&p=M1353665098&artime=2021-11-30T03:13:57.991Z&arlocation=c3luYy5lLXBsYW5uaW5nLm5ldC91c3BkLzEvMmI5ZDM5NWY3OWZkOTdhNT9ydWlkbT0xJmR1PWh0dHBzJTNBJTJGJTJGZXguaW5nYWdlLnRlY2glMkZ2MSUyRnN5bmMlMkZlcGxhbm5pbmclMkY1NzIxOTUzZC05ZDViLTQwYWUtODhiNi1lNmVhYWM1Yjk0MjIlM0Z1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=c29uaWNoaXRzLmNvbS8=
Requested by: Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.83.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-83-177.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 9b53c7cf2ee7e50d0f53818195a13f7170024eac80d5a52e393b59332c079374

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 03:13:58 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: https://sync.e-planning.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 264

GET
H/1.1 200
OK pixel
ps.eyeota.net/ Frame 1A8A 1 KB
1 KB 113ms
7ms Image
text/plain 52.57.150.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=2d8ksXjiODPQMaX94UD3YZG5g&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 03:13:58 GMT
Content-Length: 1241
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200

p
a.audrte.com/ Frame 1A8A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2d8ksXjiODPQMaX94UD3YZG5g&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2d8ksXjiODPQMaX94UD3YZG5g&gdpr=0&gdpr_consent=&google_gid=CAESEKNvAKVAPDyXEjBGeS8F_A8&google_cver=1
https://a.audrte.com/p

68 B
617 B

102ms
101ms

Image
image/png

52.86.83.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 52.86.83.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-83-177.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 03:13:58 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 30 Nov 2021 03:13:58 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 1A8A
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=8916238368866614867
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEKNvAKVAPDyXEjBGeS8F_A8&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=2d8ksXjiODPQMaX94UD3YZG5g&gdpr=0&gdpr_consent=

0
344 B

8ms
7ms

Image
text/plain

52.57.150.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=2d8ksXjiODPQMaX94UD3YZG5g&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 52.57.150.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 03:13:58 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Tue, 30 Nov 2021 03:13:58 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=2d8ksXjiODPQMaX94UD3YZG5g&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 806F 0
128 B 20ms
13ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D53fc3b21b0553aaa%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 03:13:57 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 rt=ifr Show response
bcp.crwdcntrl.net/5/c=15238/rand=649217778/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/ Frame 2117 1 KB
2 KB 45ms
44ms Document
text/html 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=15238/rand=649217778/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: bc895d9e5c10ea30a6e5e4931d95ff6f9add1f1a0dfce4653d270477e0173977

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.e-planning.net/

Response headers

date: Tue, 30 Nov 2021 03:13:59 GMT
content-type: text/html;charset=utf-8
content-length: 1181
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.14.29
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2117 70 B
264 B 33ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=649217778/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

tpid=2812522333820147681
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 2117
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/5add69d7d1f9ced71d7610b9271076fa/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2812522333820147681

49 B
264 B

33ms
33ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2812522333820147681
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=649217778/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:59 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.11.41
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2812522333820147681
pragma: no-cache
date: Tue, 30 Nov 2021 03:13:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 2117
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=b85261a5-96f4-4800-9343-4b75fdab7c03

49 B
264 B

42ms
32ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=b85261a5-96f4-4800-9343-4b75fdab7c03
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=649217778/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:59 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.89
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Tue, 30 Nov 2021 03:13:59 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=b85261a5-96f4-4800-9343-4b75fdab7c03
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 30 Nov 2021 03:13:58 GMT

GET
H2 204 usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 2117 0
191 B 23ms
22ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=649217778/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:59 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

tpid=27369775413816376110146659282807109481
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 2117
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=5add69d7d1f9ced71d7610b9271076fa&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=27369775413816376110146659282807109481

49 B
264 B

32ms
32ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=27369775413816376110146659282807109481
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=649217778/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 03:13:59 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.21
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-1-v020-0945a571e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 29CwbpUwTms=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=27369775413816376110146659282807109481
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 2117 62 B
304 B 158ms
157ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=74486ae6e2207166af01fef65c83bc85
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=649217778/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 03:14:00 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/K71oV3YXLnxyXq77Uz80?uid=5721953d-9d5b-40ae-88b6-e6eaac5b9422&to=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%7B%24PARTNER_UID%7D

Verdicts & Comments Add Verdict or Comment

725 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

145 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sonichits.com/	1970-01-20 07:49:38	Name: language Value: en
.sonichits.com/	1970-01-19 23:04:45	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1638242031994],null,null,null,[]]
sonichits.com/	1970-01-19 23:47:14	Name: _pbjs_userid_consent_data Value: 3524755945110770
.sonichits.com/	1970-01-20 03:23:14	Name: _pubcid Value: f13dc325-9290-4bde-9828-2a25a2de2948
.tunefindforfans.com/	1970-01-21 18:52:02	Name: CF_ID Value: a7f8660f1eb0c46dbb30be6bb3a38ec2
.tunefindforfans.com/	1970-01-19 23:25:38	Name: bot_tracker Value: a%3A2%3A%7Bs%3A11%3A%22ads_counter%22%3Ba%3A1%3A%7Bi%3A1638242032%3Bi%3A1%3B%7Ds%3A5%3A%22isbot%22%3Bb%3A0%3B%7D
sonichits.com/	1970-01-19 23:04:03	Name: InstiSession Value: eyJpZCI6ImZiM2I1YTU0LWY2YjQtNDk0MS04YzFiLThjMDE2OGRmNjhjMSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
sonichits.com/	1969-12-31 23:59:59	Name: ucf_uid Value: 7faff978-6cb6-4d2d-8407-ae29bed2ee3b
sonichits.com/	1969-12-31 23:59:59	Name: hb_insticator_uid Value: 5721953d-9d5b-40ae-88b6-e6eaac5b9422
sonichits.com/	1970-01-19 23:05:28	Name: plsVisitorGeo Value: DE
sonichits.com/	1970-01-19 23:05:28	Name: plsVisitorCity Value: Hessen
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s568\|YaWW8
sonichits.com/	1970-01-20 08:25:38	Name: cto_bidid Value: hZ3A2192c2ZWWFFRSkx2d3J5czVFQ2NjQVZGTHd5QSUyRjVDR3N1OTQlMkJadTUybVZ3cDY0RGlzMVQzJTJGTFFYS1Jkc3l1cGo0b00yQ29ZdXhXbU1vemVNdXZieU9qUSUzRCUzRA
sonichits.com/	1970-01-20 08:25:38	Name: cto_bundle Value: vht3JF95Znd0dWNsNXJFUkg5Y29WZ0hmcHBYbDk5ZVN4ZjB4b0xmWFRPTVIxbXhYNmdWT0hJVnFzTDI4MSUyRjJQSGNnYnJ4dExXTmlRbCUyQnN6dm43RGJpZDlmZjF0RGVqNERlSktKTG1NVEoxakZEa2ZzcUVRRThocHhUbXlZbzBsM0ElMkZUeA
.e-planning.net/	1970-01-22 12:23:14	Name: E Value: AJW33gWmCu8hm3g6
.sonichits.com/	1970-01-20 16:35:14	Name: _ga Value: GA1.2.1589219999.1638242033
.sonichits.com/	1970-01-19 23:05:28	Name: _gid Value: GA1.2.2060345363.1638242033
.sonichits.com/	1970-01-19 23:04:02	Name: _gat Value: 1
prebid.a-mo.net/	1970-01-20 07:49:38	Name: __amc Value: 1_1638242032_1638242032
.a-mo.net/	1970-01-20 07:49:38	Name: amuid2 Value: 18582f18-3977-4dba-96ec-24b23aee269b
.aralego.com/	1970-01-20 07:49:38	Name: sspid Value: 7faff978-6cb6-4d2d-8407-ae29bed2ee3b
.sonichits.com/	1970-01-19 23:04:02	Name: _gat_Insticator_Embed_v4 Value: 1
.adnxs.com/	1970-01-20 01:13:38	Name: uuid2 Value: 1499637864729228157
.doubleclick.net/	1970-01-20 08:25:38	Name: IDE Value: AHWqTUke7qEHsn5sqG_4m6tU7oImyPO1U-rFK3HhNJNa269qNBwhwNIIS8vspZ7DVQY
.pubmatic.com/	1970-01-20 01:13:38	Name: KADUSERCOOKIE Value: 204A8A74-7C40-464A-837C-6826C42325CA
.adsrvr.org/	1970-01-20 07:49:38	Name: TDID Value: 7fed5bb0-88f2-48f6-ab21-42aa630a8387
.ad.gt/	1970-01-19 23:05:28	Name: au_idmatch Value: {"apn": "2021-11-30", "ttd": "2021-11-30", "pub": "2021-11-30", "adx": "2021-11-30", "halo": "2021-11-30", "goo": "2021-11-30", "dnts": "2021-11-30", "rub": "2021-11-30", "bees": "2021-11-30"}
.demdex.net/	1970-01-20 03:23:14	Name: demdex Value: 27369775413816376110146659282807109481
.dpm.demdex.net/	1970-01-20 03:23:14	Name: dpm Value: 27369775413816376110146659282807109481
.technoratimedia.com/	1970-01-21 18:52:02	Name: tads_uid Value: GDPR
.bidr.io/	1970-01-20 08:32:32	Name: bito Value: ACB3BU7DSy4AACo9jHsDFQ
.bidr.io/	1970-01-20 08:32:32	Name: bitoIsSecure Value: ok
.360yield.com/	1970-01-20 01:13:38	Name: tuuid Value: 2c557bcc-25d1-47e0-a83b-570bb85f9327
.360yield.com/	1970-01-20 01:13:38	Name: tuuid_lu Value: 1638242033
.targeting.unrulymedia.com/	1970-01-20 07:49:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-04db035f-b74a-453f-8db7-81177f6b382e-003%22%7D
.ad.gt/	1970-01-20 16:35:14	Name: g_hosted Value:
.ad.gt/	1970-01-20 16:35:14	Name: last_seenrub Value: 1638242033474
.ad.gt/	1970-01-20 16:35:14	Name: rub Value:
.ad.gt/	1970-01-20 16:35:14	Name: last_seeng_hosted Value: 1638242033478
.sonichits.com/	1970-01-20 01:13:38	Name: _fbp Value: fb.1.1638242033717.1863506789
.ad.gt/	1970-01-20 16:35:14	Name: last_seenbeeswax Value: 1638242033488
.ad.gt/	1970-01-20 16:35:14	Name: beeswax_id Value: ACB3BU7DSy4AACo9jHsDFQ
.ad.gt/	1970-01-20 16:35:14	Name: tdid Value: 7fed5bb0-88f2-48f6-ab21-42aa630a8387
.ad.gt/	1970-01-20 16:35:14	Name: last_seenunruly Value: 1638242033489
.ad.gt/	1970-01-20 16:35:14	Name: unruly_id Value: RX-04db035f-b74a-453f-8db7-81177f6b382e-003
.ad.gt/	1970-01-20 16:35:14	Name: last_seentd Value: 1638242033491
.ad.gt/	1970-01-20 16:35:14	Name: first_seentd Value: 1638242033491
.ad.gt/	1970-01-20 16:35:14	Name: last_seenimprove Value: 1638242033491
.ad.gt/	1970-01-20 16:35:14	Name: impr_uid Value: 2c557bcc-25d1-47e0-a83b-570bb85f9327
.ad.gt/	1970-01-20 16:35:14	Name: adnxs_id Value: 1499637864729228157
.ad.gt/	1970-01-20 16:35:14	Name: last_seenadx Value: 1638242033498
.ad.gt/	1970-01-20 16:35:14	Name: google_gid Value: CAESEA4ekCrR1AmDLLhLw0RrMJE
.ad.gt/	1970-01-20 16:35:14	Name: first_seenadx Value: 1638242033498
.ad.gt/	1970-01-20 16:35:14	Name: last_seenadnxs Value: 1638242033498
.ad.gt/	1970-01-20 16:35:14	Name: first_seenadnxs Value: 1638242033498
.ad.gt/	1970-01-20 16:35:14	Name: last_seenadb Value: 1638242033495
.ad.gt/	1970-01-20 16:35:14	Name: adb Value: 27369775413816376110146659282807109481
.ad.gt/	1970-01-20 16:35:14	Name: last_seenpbm Value: 1638242033498
.ad.gt/	1970-01-20 16:35:14	Name: pbm Value: 86664EF0-791C-47DE-8D3D-8FA1018D7E9D
.ad.gt/	1970-01-20 16:35:14	Name: first_seenpbm Value: 1638242033498
.ad.gt/	1970-01-20 16:35:14	Name: halo_id Value: 0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 16:35:14	Name: last_seenhaloid Value: 1638242033792
.ad.gt/	1970-01-20 16:35:14	Name: au_id Value: f33a3d04-0a20-4aaa-9f92-ee2f823492b3
.ad.gt/	1970-01-20 16:35:14	Name: first_seenhaloid Value: 1638242033792
.sonichits.com/	1970-01-19 23:04:02	Name: _gat_auPassiveTagger Value: 1
sonichits.com/	1970-01-19 23:04:05	Name: _lr_retry_request Value: true
sonichits.com/	1970-01-19 23:47:14	Name: _lr_env_src_ats Value: false
sonichits.com/	1970-01-20 00:30:26	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%227fed5bb0-88f2-48f6-ab21-42aa630a8387%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-30T03%3A13%3A54%22%7D
.sonichits.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1638328434226
sonichits.com/	1970-01-19 23:05:28	Name: _lr_geo_location Value: DE
.casalemedia.com/	1970-01-20 07:49:38	Name: CMID Value: YaWW9P3WdfZdihPmS2mg8wAA
.casalemedia.com/	1970-01-20 01:13:38	Name: CMPS Value: 5224
.bidswitch.net/	1970-01-20 07:49:38	Name: tuuid Value: 8535d9e1-fab2-4fd7-8092-f8af213b6c64
.bidswitch.net/	1970-01-20 07:49:38	Name: c Value: 1638242036
.bidswitch.net/	1970-01-20 07:49:38	Name: tuuid_lu Value: 1638242036
.casalemedia.com/	1970-01-20 01:13:38	Name: CMPRO Value: 1157
.zeotap.com/	1970-01-20 07:49:38	Name: zc Value: 749bc7fb-c9af-43dd-556e-949ae0e22221
.lijit.com/	1970-01-20 07:49:38	Name: ljt_reader Value: 811336cca82ee4699fb6154b
.tapad.com/	1970-01-20 00:30:26	Name: TapAd_TS Value: 1638242036407
.tapad.com/	1970-01-20 00:30:26	Name: TapAd_DID Value: 45189448-e9f8-4288-9aec-2dfb1e4a1612
.w55c.net/	1970-01-20 08:32:50	Name: wfivefivec Value: pZbEWWSB1MRTAE5
.weborama.fr/	1970-01-20 08:35:42	Name: AFFICHE_W Value: qHpmi4Y070Oo63
.adfarm1.adition.com/	1970-01-20 01:13:38	Name: UserID1 Value: 7036195967558482059
.w55c.net/	1970-01-19 23:47:14	Name: matchcasale Value: 5
.ads.pubmatic.com/	1970-01-19 23:05:28	Name: KCCH Value: YES
.tapad.com/	1970-01-20 00:30:26	Name: TapAd_3WAY_SYNCS Value:
.pubmatic.com/	1970-01-20 01:13:38	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 23:05:28	Name: pi Value: 156631:3
.pubmatic.com/	1970-01-20 01:13:38	Name: DPSync3 Value: 1638316800%3A174%7C1639440000%3A197_219_201
.pubmatic.com/	1970-01-20 01:13:38	Name: SyncRTB3 Value: 1639094400%3A63%7C1638835200%3A223_2_15%7C1640822400%3A203%7C1639440000%3A81_54_161_3_22_55_220_165_204_8_234_222_56_7_71_176_13_99_189_21_88_230_166_238%7C1639526400%3A35
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.richaudience.com/	1970-01-20 01:13:38	Name: avcid-zeo-uid Value: 749bc7fb-c9af-43dd-556e-949ae0e22221
.smartadserver.com/	1970-01-20 08:32:50	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 08:32:50	Name: pbw Value: %24b%3d16960%3b%24o%3d11100
.taboola.com/	1970-01-20 07:49:38	Name: t_gid Value: bf782a62-2597-4fe6-9230-c36e609c797b-tuct89f1c74
.agkn.com/	1970-01-20 07:49:38	Name: ab Value: 0001%3AO%2F3WaB1VDMKnGTytZMP6b7gQh49wuz7h
.pubmatic.com/	1970-01-19 23:47:14	Name: KRTBCOOKIE_1101 Value: 23040-7036195967558482059
.pubmatic.com/	1970-01-19 23:47:14	Name: PugT Value: 1638242036
.pubmatic.com/	1970-01-20 01:13:38	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 01:13:38	Name: KRTBCOOKIE_57 Value: 22776-1499637864729228157
.pubmatic.com/	1970-01-20 01:13:38	Name: KRTBCOOKIE_80 Value: 22987-CAESEHH96S6dE8nBOWyM9HMEVcU&KRTB&16514-CAESEHH96S6dE8nBOWyM9HMEVcU&KRTB&23025-CAESEHH96S6dE8nBOWyM9HMEVcU
.tidaltv.com/	1970-01-20 07:49:38	Name: tidal_ttid Value: 19937ff7-8879-4232-a5a5-a7002f27665e
.adform.net/	1970-01-19 23:47:14	Name: C Value: 1
.simpli.fi/	1970-01-20 07:51:04	Name: suid Value: 44207DE1D54A4E718D723E12E4003E86
.erne.co/	1970-01-20 07:49:38	Name: u Value: NNanEyrK70Y0CmUnG7wMX5sh
.quantserve.com/	1970-01-20 01:13:38	Name: d Value: EIgBCwHsJPijAA
.quantserve.com/	1970-01-20 08:34:16	Name: mc Value: 61a596f4-867b2-68df9-9c346
.analytics.yahoo.com/	1970-01-20 07:51:04	Name: IDSYNC Value: 18z8~21tf
.pubmatic.com/	1970-01-20 01:13:38	Name: KRTBCOOKIE_377 Value: 6810-7fed5bb0-88f2-48f6-ab21-42aa630a8387&KRTB&22918-7fed5bb0-88f2-48f6-ab21-42aa630a8387&KRTB&23031-7fed5bb0-88f2-48f6-ab21-42aa630a8387
.adsrvr.org/	1970-01-20 07:49:38	Name: TDCPM Value: CAEYASABKAIyCwjI9YjUxe6ZOhAFOAFaC2FkY29uZHVjdG9yYAI.
.adform.net/	1970-01-20 00:30:26	Name: uid Value: 8916238368866614867
.onaudience.com/	1970-01-20 07:49:38	Name: cookie Value: c56ac35b42323833
.onaudience.com/	1970-01-19 23:05:28	Name: done_redirects219 Value: 1
.mathtag.com/	1970-01-20 08:29:57	Name: uuid Value: b85261a5-96f4-4800-9343-4b75fdab7c03
.pubmatic.com/	1970-01-19 23:47:14	Name: KRTBCOOKIE_409 Value: 22966-NNanEyrK70Y0CmUnG7wMX5sh
.pubmatic.com/	1970-01-20 01:13:38	Name: KRTBCOOKIE_153 Value: 1923-iSHW24Ym0dqSKIHZ3SKa2Id00deSKdTdiyZm_Sb4&KRTB&19420-iSHW24Ym0dqSKIHZ3SKa2Id00deSKdTdiyZm_Sb4&KRTB&22979-iSHW24Ym0dqSKIHZ3SKa2Id00deSKdTdiyZm_Sb4
.de17a.com/	1970-01-20 07:42:26	Name: guid2 Value: 1.1329858896597773705
.1rx.io/	1970-01-20 07:49:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-04db035f-b74a-453f-8db7-81177f6b382e-003%22%2C%22nxtrdr%22%3Afalse%7D
.tidaltv.com/	1970-01-20 07:49:38	Name: sync-his Value: "H4sIAAAAAAAAADM0sjQ1sjK0MAIAX3NxzwkAAAA="
.turn.com/	1970-01-20 03:23:14	Name: uid Value: 2812522333820147681
.krxd.net/	1970-01-20 03:23:14	Name: _kuid_ Value: Ogw6_LX0
.pubmatic.com/	1970-01-19 23:47:14	Name: KRTBCOOKIE_391 Value: 22924-8916238368866614867&KRTB&23263-8916238368866614867
.zeotap.com/	1970-01-19 23:05:28	Name: zsc Value: x%E6%D7%E84%D3%F4%7C.%5E%FB%0B%0DSQ%1BH%A05%B2%8A%D2%B0z%26%C5%BA%24oP%DB%B7%FE%0D1%28%0D%B7%D66%DF%F3%7Bh%DA7.%3F%9C%F9%8F%22%A9mP%D5%7B%8E%CE8%CD74%99%D2%CD%A7%FC%8D8%7B%96Ak5E%FE%E0%0B%89%CA%26Y%0E%A9%1BH%B9%D0%11%A0%F5S0z%0E%0A%06%AD%8E%B6%A2%0E2%D0%3B%124%C4w%1A%AC%10%27%2B%7Ce%8E%12%19%E0%E1%84%FB%A7%AC%A9%C1%F1%A7%D4H%0C%11%0F%02%B6%A1%1B%EF%3E%A7%91%FC%F4%1C%A9%C42%AE%FD%14Z%CC%B2%FC%A48jD%C7%CA%AF.
.pubmatic.com/	1970-01-20 07:49:38	Name: KRTBCOOKIE_27 Value: 16735-uid:b85261a5-96f4-4800-9343-4b75fdab7c03&KRTB&16736-uid:b85261a5-96f4-4800-9343-4b75fdab7c03&KRTB&23019-uid:b85261a5-96f4-4800-9343-4b75fdab7c03&KRTB&23114-uid:b85261a5-96f4-4800-9343-4b75fdab7c03
.yahoo.com/	1970-01-20 07:49:59	Name: A3 Value: d=AQABBPSWpWECEDq84fwxjYqcxdPMsMluuwMFEgEBAQHopmGvYQAAAAAA_SMAAA&S=AQAAAiNq4yQeo3VmyHfh1z54QbY
.everesttech.net/	1970-01-20 07:49:38	Name: everest_g_v2 Value: g_surferid~YaWW9AAIakgQ8gBG
.pubmatic.com/	1970-01-19 23:47:14	Name: SPugT Value: 1638242035
.pubmatic.com/	1970-01-19 23:47:14	Name: KRTBCOOKIE_336 Value: 5844-1329858896597773705
.pubmatic.com/	1970-01-19 23:47:14	Name: KRTBCOOKIE_22 Value: 14911-2812522333820147681
.pubmatic.com/	1970-01-19 23:47:14	Name: KRTBCOOKIE_594 Value: 17107-RX-04db035f-b74a-453f-8db7-81177f6b382e-003
.pubmatic.com/	1970-01-20 01:13:38	Name: KRTBCOOKIE_218 Value: 4056-YaWW9AAIVQbjNABR&KRTB&22978-YaWW9AAIVQbjNABR&KRTB&23194-YaWW9AAIVQbjNABR&KRTB&23209-YaWW9AAIVQbjNABR
ads.avct.cloud/	1970-01-20 07:49:38	Name: uuid Value: 9f863214-4ec6-4ef8-b97f-1d0b1210f6ae
.pubmatic.com/	1970-01-20 03:23:14	Name: KRTBCOOKIE_188 Value: 3189-no-consent
ads.playground.xyz/	1970-01-19 23:14:06	Name: connect.sid Value: s%3A2Pj6Iio81z0oQcUNxTjX21ZoIy2Kp_OS.P4IhUHo9nAGsYZwOGyx43TIG7Dk0ShNYetGkM5jBsGE
.pubmatic.com/	1970-01-20 01:13:38	Name: KRTBCOOKIE_466 Value: 16530-8535d9e1-fab2-4fd7-8092-f8af213b6c64
.aralego.com/	1970-01-20 07:49:38	Name: gdpr Value: 1
.tribalfusion.com/	1970-01-20 01:13:38	Name: ANON_ID Value: aXnseFOZb3VhUEjUAvMidKCAHn54M70cKB4SWZbW0T7UULb5VxwCUTXCqw2mBSgBZdNZbYWnfSTeJP0cuBoZb4PwF
.fwmrm.net/	1970-01-20 03:23:14	Name: _uid Value: "e47e1_7036195967553355301"
.casalemedia.com/	1970-01-19 23:05:28	Name: CMST Value: YaWW9GGllvUA
.rfihub.com/	1970-01-20 08:25:38	Name: rud Value: H4sIAAAAAAAAAOMSNrS0NDIzNjQ3NjUwMTI2NDAwMRDiM9S1CHSKT8koSksJSnaW4jU0M7YwMjEyMDY3MDUCAHKoOg40AAAA
.rfihub.com/	1970-01-20 08:25:38	Name: eud Value: H4sIAAAAAAAAAPvFyGtoZmxhZGJkYGxuYGoEAFU-84EQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrS0NDIzNjQ3NjUwMTI2NDAwMRDiM9S1CHSKT8koSksJSnYGALxH_m8lAAAA
.casalemedia.com/	1970-01-20 07:49:38	Name: CMRUM3 Value: 3961a596f527601992631735042310040&e661a596f42760&2e61a596f405a0&c461a596f405a0&9c61a596f405a00&0461a596f427602596349551706363873&2d61a596f405a0&5861a596f42760YaWW9AAIakgQ8gBG&2f61a596f405a0&da61a596f42760&f161a596f405a0&4961a596f405a0&2761a596f40b40&0361a596f427601aee61a5-96f4-4400-ab12-4bd646cf2d8c&2961a596f405a0
.adsby.bidtheatre.com/	1970-01-19 23:14:06	Name: __kuid Value: 37386c78-08d3-439a-979f-9fd3634bdcab.407456037

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://srv.tunefindforfans.com/fruits/apricots.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://srv.tunefindforfans.com/showads/adunit.php?id=100004332&di=&subtag=&search=&artist=Adele&song=Easy%20On%20ME&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1638242032189, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://srv.tunefindforfans.com/fruits/apricots.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://srv.tunefindforfans.com/showads/adunit.php?id=100004332&di=&subtag=&search=&artist=Adele&song=Easy%20On%20ME&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1638242032189, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=88 Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	URL: https://sonichits.com/ Message: Mixed Content: The page at 'https://sonichits.com/' was loaded over HTTPS, but requested an insecure element 'http://sync.technoratimedia.com/services?srv=cs&pid=90&uid=5721953d-9d5b-40ae-88b6-e6eaac5b9422&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsynacor%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%5BUSER_ID%5D'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=749bc7fb-c9af-43dd-556e-949ae0e22221&reqId=92a56c61-5d13-41de-5e93-2303ad0d5881&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cs.admanmedia.com/sync/K71oV3YXLnxyXq77Uz80?uid=5721953d-9d5b-40ae-88b6-e6eaac5b9422&to=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2F5721953d-9d5b-40ae-88b6-e6eaac5b9422%3Fuid%3D%7B%24PARTNER_UID%7D Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
aufp.io
auth.instiengage.com
b2c.insticator.com
b2c.instiengage.com
bcp.crwdcntrl.net
beacon.krxd.net
biddr.brealtime.com
bttrack.com
c1.adform.net
cdn.aralego.net
cdn.clickfuse.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.instiengage.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
core.iprom.net
cs.admanmedia.com
csync.loopme.me
d.turn.com
d2f0uviei09pxb.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d5p.de17a.com
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
engine.widespace.com
eua.instiengage.com
eus.rubiconproject.com
event.insticator.com
event.instiengage.com
ex.ingage.tech
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
ids.ad.gt
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.youtube.com
insticator-d.openx.net
insticator.technoratimedia.com
js-sec.indexww.com
js.cookieless-data.com
lastfm.freetls.fastly.net
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.ad.gt
p.rfihub.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
pixels.ad.gt
pm.w55c.net
pp.d2-apps.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
product.instiengage.com
ps.eyeota.net
pubmatic-match.dotomi.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.e-planning.net
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonichits.com
spl.zeotap.com
srv.tunefindforfans.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.instiengage.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tag.1rx.io
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
cs.admanmedia.com
104.111.215.191
104.17.119.107
13.225.77.75
13.32.99.34
142.250.185.194
142.250.186.130
147.75.38.124
151.101.129.44
151.101.65.194
151.101.66.49
152.199.22.191
159.65.196.12
162.210.196.208
162.55.236.225
169.50.137.182
178.162.133.149
178.162.133.150
178.250.0.157
178.250.2.151
18.193.230.138
18.205.214.32
18.66.139.46
18.66.97.88
185.29.134.248
185.64.190.78
185.64.190.80
185.86.139.115
192.132.33.46
193.122.130.38
195.5.165.20
198.47.127.20
198.8.71.129
2.18.232.130
2.18.233.180
2.18.234.21
2.19.35.65
2.21.111.28
2.21.141.232
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
209.54.180.3
212.82.100.182
212.83.160.162
213.155.156.183
213.19.147.43
213.19.147.45
216.52.2.48
23.79.143.124
23.88.75.187
2600:1f18:6593:f608:82c4:8e67:4786:1156
2600:9000:2156:e800:17:5bae:c7c0:93a1
2600:9000:223d:4400:9:78a:e540:93a1
2600:9000:223e:ce00:3:f434:dfc0:21
2600:9000:223f:4400:1c:386f:ec80:21
2600:9000:2251:2400:10:3422:3f00:21
2600:9000:236e:6e00:1a:5302:20c0:21
2606:4700:10::6816:1857
2606:4700:10::6816:b7
2606:4700:20::681a:22c
2606:4700:20::681a:567
2606:4700:20::681a:bd1
2606:4700:3037::6815:4e07
2606:4700::6812:c05
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:80f::2016
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2004
2a00:1450:400c:c07::9b
2a02:2638::1c
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42::591
2a05:d018:24:b001:be6e:d2d6:b7bf:2108
2a05:d018:d29:3602:e219:12f7:637c:c071
3.120.57.46
3.125.86.125
3.126.56.137
3.217.66.208
34.102.253.54
34.120.133.55
34.149.20.76
34.239.232.96
34.254.143.235
34.254.143.3
34.98.64.218
34.98.67.61
35.156.135.60
35.163.3.37
35.186.253.211
35.201.81.244
35.227.248.159
37.157.3.29
37.157.4.41
37.252.172.250
37.252.172.45
44.239.35.110
46.249.52.249
5.178.65.246
5.178.65.252
51.178.20.140
51.210.112.236
51.89.9.251
52.18.61.23
52.202.233.191
52.223.40.198
52.35.10.191
52.38.226.208
52.49.134.174
52.57.150.20
52.86.83.177
52.89.213.37
52.94.223.37
54.170.158.38
54.178.50.49
54.217.170.69
54.246.150.87
54.72.239.169
54.77.169.115
63.32.153.81
63.35.242.195
66.155.71.149
66.155.71.25
67.202.105.24
69.173.144.139
72.251.245.181
85.114.159.93
94.23.171.206
02b36c5b0645cc8e1abb02521910f596107e8f7141fb8658a89abf9993d927ca
03257a9fbd601c968fe545eff8150d0277506597747ffd3582bd2ede06f7ceb9
0557bd78c1a1bb8bdd293eb515a3ecf0abb02d502b3596caf0b80273fde2de83
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05c36ea546e9f2ddfd4847039c9f7888ea5c9bd4b5e45c18bf1d2b07fc001142
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcee2446f8299d948a41b137b2c52f37bbed3f15db0cb5382551339d6eab432
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d203f0fc78c3a66e5c30c3718267db7b8165cd5a2efd732e2154a8f66a978cb
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12afc46f8daf6e5a2e9d35d7f3eeda24c3be5d176f09f65da59deacd0722c823
140b1d513cf65bf1bc754001151fb1e438440a52020d5b65044454c101524a16
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
16384d968e89d379e3838a2a082c960e5a29a74575a3f05166692dac998f38a6
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b81b8a9646be6c5dd05adb3c6fb6f75c1fa9369a66202fb189b6a0c0f9bf356
1e5986ee59b10376300a1640b779775bad0107e542099146c4d32db688b749c1
1eaac347af004baa3ab96aad9668ccdfa3eba7d27edd66147a3476b8041f5d93
208d803b1e84d2b1017f3740070270801590cebe44a04e381812203fc9379bd2
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b679056fd80d4ff355b8033e31e7b88cc089d82afce7819130e6c97b62836cf
2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1
2db94632401f3d331de21fbdb6a8db8f2fb2daac228feb56ea14f613c4a83024
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3f326505c910749d7aada49bc1d768e829f0388265b4bfa7e452687dad579a7b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4393b17628fe022ce8c6d21b408b064f8a33388a7450914c0e6e3bdaa682ffe6
468bd6764eff264452e2cd22f06d3ccb569941caceff828cd1bc0374a4774eff
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48de3ebff108330101c2db41e5d2d5c49d605c5454dccab53623f3114685d8f7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4dd2649a00da72f743222cadca674cee4b10bd81f532b03a121817501bf10783
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5082577e7523d8cd294ae5eb221c3cc344649bbb21ea61d628582c84351c4e2a
59fce0e5467af585c1a1a438682aa4eefc9b8d7c2dedd34ca408057d6e69366f
5cb200de113f12a3afed5d5c7ea85276b402f32ff19bd8732cce5a997192235b
5ea321d799e3ff43961ab684a14e65597b43c744a90238064f9bfc8e3c626916
60f3c72f3d36e2f0f90c7b618e638ef052674305ff1c6c2cc0e313a16959f8c4
61997e67cda6605b2e0762371d54b823af2f519eb37eacd10e721204125e28be
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e
6368c4a6ef148cfc18db7ef367ade65fa0c99d044f727b9c7018522e487da8cb
64ba65f704a2a492c114b712c58c6e604c6867f906d53a4d16a309bc92eede4f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
6a34c984bb6643204361fe1afeb3fb66b45e5fb639f1749d24dfb70e043b8114
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4c0abd8926c248e9cd6f9962d492e934455f339a2e24f81ad791ba4d3ebb45
6e9633965ce8f46deaf3a3e17656911560f011de263428843616851b11a3a4f3
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
76e09afd06badcb1642b21a1258404dcc76f98972985a843f65594eb67769443
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
81cf47a4c232ee8145fb61863534a62c34bc2cdd8063b25f37494f243e134c86
82379f774476c74359d1dd4add33b0d1d888b8853394336fe48e6aebe3fd1064
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86dd570752bafa5a29624133d5ff48bdc260fead7847a5863180dad5f6615674
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88b8317bad05fa241b8001ba25175171729b7df8d67f4f1c796e36e52a4a624e
8b2b2b587b306b64945a85237509590180a4c2d86f99edaab84e945a1e97b9e2
8d00b9c8f0714e2ef8ce2ebe8b6c9d0e70a12b8c79000e32d34841d290e1b704
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8ea549abeae459b1a882a230cd01621a2bc28315ef26048e6675342f15c334a6
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93b7ae16e62f81ab23eb6a7a375d24bf0f02caeaae6e9dbcdadcbb9bf6a99d15
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9925babee5b2459d5c5b331cb20984e100de2511993a2d8bbca20627c8fbbaed
9a2986c79cdcd85c6c68cff6cb014634dc7b7467054a65c4a2063d25797db340
9b53c7cf2ee7e50d0f53818195a13f7170024eac80d5a52e393b59332c079374
9e4674b8ea534a2c87432ce9db750fba5fb45c7d6aab55c9a898caa481773d04
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9f325ee5b8aa9d31a1c54df64b110afebff39f3ac002c0e8ce5146553d00223a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1077e79d6595c15abb3241aa0c93f346c1b321f3455de7afcac490913b4406b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e761d1dcc9473463928503048ffe6e0a6470aea6ede5f70ae24652f4aae460
a5d100945f5ec292fa9a3bf294212c7de3a425fb856dd4016d20a28110fce02d
a6e164ec87dafa0b43317a99b4912b38c43712d255beb48d79c91ad9ce37ecab
a90f1d6ff02c2baa1365d6ca82dc10bd132543edb401d866a8f73f07dc0f76f8
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b4197c1c815b266f2adab05b5a73135cbe80b351c2ac36b2d1d15a59a04df4cd
b6e2670961b829e6118412f4c20e9d08ec6376f48ee9238fbb147d8906029864
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd
b9f51acc07662a6b78c899aaa986a4bb9db4ed149ea65ec3802b38b4992fb4f9
bbc377325564763bfab906b0639296ebc02dd47db03c73318b0badc93a977921
bc895d9e5c10ea30a6e5e4931d95ff6f9add1f1a0dfce4653d270477e0173977
c06789e2affc2b5ecfdfb35d1cc9f2d766bdd995cb10d9e7257609503e282aa4
c0f7b4bbf3e4fcea26e790ff48c8d3fdd03399979d871d05c7f22885cdb9baea
c154efe1ebee795b74093dff22cdfec5090ca5f5d409e2031319f84d4109d935
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c49ddbe61a20ded1cbf1a8e61c2d3bf9e7390a7a328d3edad78ede328dc094ec
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
cc63e334260bb52af4b1e62cd5f168f4d81793cf65bd2c3e075e24b38917c513
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb
cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64
ced055484b4be43f1b4befe3c912d30ed20792bc6e98a620b4516eecc25ae997
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d614d0c48799621b4301a34a64082f6adbe66439a52aa5ab2541c1704ea43f98
d685aacbfdc4b9019d05c149697b612f4dac768d20fbb40d38b461943cd5dd7a
d6ac7e0aa010e06943652546b45fe608a5d1c2b2cbfbbe4d73dd2cc509476915
d725382c78e6138817da3d0b13803f85598da9440b3d11e308c255ed132660b8
d9ee47d803b19ecae7d55faa0a2043f5144f739b353b231a0250d093811d1127
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de988af2bddad9188286b6d8374252dbbe3446cfd04e6bca89d563b15542d664
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b4d4544bfd79a81c0fe611143b3a1091cbfd50f5eb0026caab4fbe1966ac4b
e900c287990a184ada05b2ab5dfc5600edfeef24b2296c57ea8ad43f9ca55ffd
eac7f65a06e90a0ea6602bf24ecc0eebe21e17168059157d11e604bb63d3a29e
ee8b683ae1c1a9f74e7012eb5120e1f1ca273ccdcf04b43519b92e66f031b2e0
eedd1755fc8724c8281a7d1b1eae8a4e5e7a67980b2f0f5be1d28c793b07a526
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0539a6a98c6ffe19e12e984109940a1bb6acece25002e57154f5da23a07db1e
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85
f29499b37bd656a3741d7c3080c648e619fb80309a87fa29b80025b84953b88a
f34ff9ac7f5071b46f6b062a3e6a86152a1c83288149b3dbe3bdff1d362ec857
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fdeb3227bb247409d0c89005c1dbb348c44063cac8c3c8fa7284f7f5b9b47983
fe24864e4f53f5c791b7fd1430459727943e10f09b6ef2644f8b8cdcb901a46f
ff5da44c9aa8cd3009f6659159c6fabbec63a8bae515e3edbc28a013976b7265

sonichits.com Open in urlscan Pro 2606:4700:20::681a:22c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

330 Requests

73 %HTTPS

26 %IPv6

97 Domains

155 Subdomains

108 IPs

13 Countries

2931 kBTransfer

7152 kBSize

145 Cookies

3 Outgoing links

Page URL History

Redirected requests

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sonichits.com Open in urlscan Pro
2606:4700:20::681a:22c Public Scan

Screenshot
Live screenshot

Full Image

330
Requests

73 %
HTTPS

26 %
IPv6

97
Domains

155
Subdomains

108
IPs

13
Countries

2931 kB
Transfer

7152 kB
Size

145
Cookies

330 HTTP transactions
5 data transactions