urlscan.io logo urlscan.io
SecurityTrails logo

ww3.read7deadlysins.com Open in urlscan Pro
2606:4700:3038::6815:eb93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://read7deadlysins.com/
Effective URL: https://ww3.read7deadlysins.com/
Submission: On January 05 via manual from KE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 11 countries across 67 domains to perform 356 HTTP transactions. The main IP is 2606:4700:3038::6815:eb93, located in United States and belongs to CLOUDFLARENET, US. The main domain is ww3.read7deadlysins.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 24th 2021. Valid for: a year.
This is the only time ww3.read7deadlysins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
3 151.101.112.193 54113 (FASTLY)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
17 143.204.98.7 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.226 15169 (GOOGLE)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
31 37.157.2.248 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
4 151.139.241.23 33438 (HIGHWINDS2)
11 104.19.130.80 13335 (CLOUDFLAR...)
2 2.16.186.32 20940 (AKAMAI-ASN1)
10 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 4 185.33.221.90 29990 (ASN-APPNEX)
3 2.19.35.65 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 145.239.193.145 16276 (OVH)
20 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 54.38.64.100 16276 (OVH)
2 2a02:2638::1c 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 145.239.192.166 16276 (OVH)
1 51.89.9.251 16276 (OVH)
2 2620:116:800d... 16509 (AMAZON-02)
1 52.210.129.48 16509 (AMAZON-02)
1 143.204.101.7 16509 (AMAZON-02)
2 2.18.234.21 16625 (AKAMAI-AS)
2 51.195.5.38 16276 (OVH)
2 2602:803:c003... 26667 (RUBICONPR...)
1 199.187.193.130 47043 (SMARTADSE...)
1 2600:9000:215... 16509 (AMAZON-02)
1 39 37.157.6.251 198622 (ADFORM)
1 2600:9000:215... 16509 (AMAZON-02)
3 5 3.33.220.150 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 34.249.18.151 16509 (AMAZON-02)
2 2600:9000:215... 16509 (AMAZON-02)
8 18 185.33.221.89 29990 (ASN-APPNEX)
10 185.86.138.16 201081 (SMARTADSE...)
4 7 8.39.36.141 26667 (RUBICONPR...)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
3 5 142.250.185.194 15169 (GOOGLE)
1 2 185.86.137.131 201081 (SMARTADSE...)
1 3.127.165.193 16509 (AMAZON-02)
10 151.101.193.44 54113 (FASTLY)
18 52.49.83.234 16509 (AMAZON-02)
18 18 3.122.13.237 16509 (AMAZON-02)
2 2 91.207.59.213 48061 (UMA-TECH-AS)
24 37.157.6.252 198622 (ADFORM)
8 8 159.65.196.12 14061 (DIGITALOC...)
1 54.228.188.133 16509 (AMAZON-02)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 143.204.98.123 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
2 2 52.8.2.45 16509 (AMAZON-02)
2 2 35.210.178.101 19527 (GOOGLE-2)
1 2a02:2638::18 44788 (ASN-CRITE...)
2 104.109.78.125 16625 (AKAMAI-AS)
1 2602:803:c003... 26667 (RUBICONPR...)
2 6 143.204.98.82 16509 (AMAZON-02)
1 138.201.135.164 24940 (HETZNER-AS)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 4 88.99.165.19 24940 (HETZNER-AS)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.2.150 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 145.239.193.130 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 88.198.250.30 24940 (HETZNER-AS)
1 54.76.176.197 16509 (AMAZON-02)
2 3 84.200.5.215 31400 (ACCELERAT...)
2 46.4.62.19 24940 (HETZNER-AS)
3 104.21.94.194 13335 (CLOUDFLAR...)
1 1 185.29.134.248 30419 (MEDIAMATH...)
2 2 151.101.194.49 54113 (FASTLY)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
2 109.206.161.94 50245 (SERVEREL-AS)
1 2a0a:51c0:0:1... 48314 (IP-PROJECTS)
2 52.3.147.140 14618 (AMAZON-AES)
1 2 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 2a00:1450:400... 15169 (GOOGLE)
1 93.90.198.147 8560 (IONOS-AS ...)
1 143.204.98.26 16509 (AMAZON-02)
1 2600:1f14:b4f... 16509 (AMAZON-02)
3 34.236.231.39 14618 (AMAZON-AES)
356 86
5    2606:4700:3038::6815:eb93 (United States)

ASN13335 (CLOUDFLARENET, US)
read7deadlysins.com
ww3.read7deadlysins.com
3    2606:4700:3038::6815:eb94 (United States)

ASN13335 (CLOUDFLARENET, US)
ww3.read7deadlysins.com
3    151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
6    2606:4700:20::681a:26b (United States)

ASN13335 (CLOUDFLARENET, US)
platform.bidgear.com
imp9.bidgear.com
6    2606:4700:10::ac43:15e3 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
17    143.204.98.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-7.fra50.r.cloudfront.net
runwaff.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
10    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
31    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    151.139.241.23 (United States)

ASN33438 (HIGHWINDS2, US)
ads.themoneytizer.com
11    104.19.130.80 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.co.uk
c.adskeeper.co.uk
cdn.adskeeper.co.uk
servicer.adskeeper.co.uk
s-img.adskeeper.co.uk
cm.adskeeper.co.uk
2    2.16.186.32 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-32.deploy.static.akamaitechnologies.com
ced.sascdn.com
10    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.projectagoraservices.com
4    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
3    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.themoneytizer.net
20    2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.projectagora-adtag-library.com
1    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
1    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
2    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    52.210.129.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
p.cpx.to
1    143.204.101.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-7.fra50.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
2    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
2    51.195.5.38 (France)

ASN16276 (OVH, FR)
PTR: p16.id5-sync.com
id5-sync.com
2    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
smarttag.rubiconproject.com
1    199.187.193.130 (Canada)

ASN47043 (SMARTADSERVER, CA)
www5.smartadserver.com
1    2600:9000:2156:9600:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
39    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
adx.adform.net
track.adform.net
1    2600:9000:2156:6400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3ac7 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.vlitag.com
6    34.249.18.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-18-151.eu-west-1.compute.amazonaws.com
s.cpx.to
2    2600:9000:2156:de00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
18    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
10    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
7    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
5    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
2    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
1    3.127.165.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-165-193.eu-central-1.compute.amazonaws.com
pool.grid-data.bidswitch.net
10    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
18    52.49.83.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
projectagora-483829-hdb.adomik.com
18    3.122.13.237 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-13-237.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    91.207.59.213 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp8.sender.ltmse.com
px.adhigh.net
24    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
cm.adform.net
8    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    54.228.188.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-188-133.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
2    2a05:d018:d29:3602:5ce0:1e2e:863d:4da1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net
audit-tcfv2.quantcast.mgr.consensu.org
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    52.8.2.45 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-2-45.us-west-1.compute.amazonaws.com
ads.creative-serving.com
2    35.210.178.101 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
1    2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2602:803:c003:200::77 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
6    143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net
sb.scorecardresearch.com
1    138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
ad.ad-srv.net
6    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
4    88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
ad28.ad-srv.net
7    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.fr.eu.criteo.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    88.198.250.30 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
3    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de
partner.blau.de
3    104.21.94.194 (None, )

ASN13335 (CLOUDFLARENET, US)
st.bebi.com
go.bebi.com
trck.bebi.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    109.206.161.94 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 94.161.serverel.net
eu-node1.solutionslabkit.com
1    2a0a:51c0:0:13d:247::1 (Germany)

ASN48314 (IP-PROJECTS, DE)
ad.bsmartad.net
2    52.3.147.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-147-140.compute-1.amazonaws.com
q.adrta.com
2    2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)
t.adcell.com
1    2a00:1450:4001:82b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    93.90.198.147 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
rtbnote.bsmartdata.com
1    143.204.98.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-26.fra50.r.cloudfront.net
pix.adrta.com
1    2600:1f14:b4f:4b04:4b20:7324:37cc:771 (Boardman, United States)

ASN16509 (AMAZON-02, US)
ipv6.adrta.com
3    34.236.231.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-231-39.compute-1.amazonaws.com
adrta.com
Apex Domain
Subdomains		 Transfer
94 adform.net
s1.adform.net
adx.adform.net
track.adform.net
cm.adform.net
956 KB
22 adnxs.com
secure.adnxs.com
ib.adnxs.com
22 KB
20 projectagora-adtag-library.com
cdn.projectagora-adtag-library.com
1 MB
19 bidswitch.net
pool.grid-data.bidswitch.net
x.bidswitch.net
8 KB
18 adomik.com
projectagora-483829-hdb.adomik.com
2 KB
17 runwaff.com
runwaff.com
116 KB
15 rubiconproject.com
ads.rubiconproject.com
smarttag.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com
eus.rubiconproject.com
beacon-ams3.rubiconproject.com
pixel.rubiconproject.com
35 KB
13 criteo.net
static.criteo.net
pix.eu.criteo.net
csm.eu.criteo.net
230 KB
13 smartadserver.com
www5.smartadserver.com
prg.smartadserver.com
sync.smartadserver.com
18 KB
11 adskeeper.co.uk
jsc.adskeeper.co.uk
c.adskeeper.co.uk
cdn.adskeeper.co.uk
servicer.adskeeper.co.uk
s-img.adskeeper.co.uk
cm.adskeeper.co.uk
131 KB
10 taboola.com
cdn.taboola.com
trc.taboola.com
289 KB
10 projectagoraservices.com
ads.projectagoraservices.com
40 KB
10 adpone.com
hb.adpone.com
946 KB
10 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
262 KB
8 bidtheatre.com
match.adsby.bidtheatre.com
4 KB
8 read7deadlysins.com
read7deadlysins.com
ww3.read7deadlysins.com
18 KB
7 adrta.com
q.adrta.com
pix.adrta.com
ipv6.adrta.com
adrta.com
14 KB
7 cpx.to
p.cpx.to
s.cpx.to
10 KB
7 vlitag.com
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
559 KB
6 ad4m.at
ad4m.at
as.ad4m.at
28 KB
6 scorecardresearch.com
sb.scorecardresearch.com
4 KB
6 bidgear.com
platform.bidgear.com
imp9.bidgear.com
13 KB
5 ad-srv.net
ad.ad-srv.net
ad28.ad-srv.net
9 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 criteo.com
gum.criteo.com
ads.eu.criteo.com
cat.fr.eu.criteo.com
widget.fr.eu.criteo.com
48 KB
5 googleapis.com
imasdk.googleapis.com
ajax.googleapis.com
fonts.googleapis.com
storage.googleapis.com
487 KB
4 consensu.org
test.quantcast.mgr.consensu.org
quantcast.mgr.consensu.org
audit-tcfv2.quantcast.mgr.consensu.org
162 KB
4 themoneytizer.com
ads.themoneytizer.com
211 KB
3 bebi.com
st.bebi.com
go.bebi.com
trck.bebi.com
50 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
2 KB
3 googletagservices.com
www.googletagservices.com
48 KB
3 imgur.com
i.imgur.com
284 KB
2 adcell.com
t.adcell.com
642 B
2 solutionslabkit.com
eu-node1.solutionslabkit.com
404 B
2 everesttech.net
sync-tm.everesttech.net
631 B
2 blau.de
partner.blau.de
2 KB
2 telefonica-partner.de
www.telefonica-partner.de
717 B
2 gstatic.com
fonts.gstatic.com
91 KB
2 volvelle.tech
a.volvelle.tech
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 adhigh.net
px.adhigh.net
869 B
2 pubmatic.com
image2.pubmatic.com
627 B
2 rlcdn.com
api.rlcdn.com
id.rlcdn.com
325 B
2 id5-sync.com
id5-sync.com
2 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
2 sascdn.com
ced.sascdn.com
56 KB
2 google-analytics.com
www.google-analytics.com
20 KB
1 bsmartdata.com
rtbnote.bsmartdata.com
120 B
1 bsmartad.net
ad.bsmartad.net
1 KB
1 mathtag.com
sync.mathtag.com
656 B
1 lead-alliance.net
www.lead-alliance.net
584 B
1 ad-server.eu
ad-server.eu
39 KB
1 media01.eu
pb.media01.eu
630 B
1 medialead.de
pv.medialead.de
2 KB
1 cloudflare.com
cdnjs.cloudflare.com
5 KB
1 rfihub.com
p.rfihub.com
780 B
1 adleadevent.com
adtrack.adleadevent.com
522 B
1 casalemedia.com
as-sec.casalemedia.com
427 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 quantcount.com
rules.quantcount.com
1 KB
1 indexww.com
js-sec.indexww.com
13 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 onetag-sys.com
onetag-sys.com
814 B
1 leadplace.fr
tag.leadplace.fr
6 KB
1 zeotap.com
spl.zeotap.com
20 KB
1 tmyzer.com
c.tmyzer.com
271 B
1 themoneytizer.net
g.themoneytizer.net
270 B
356 67
Domain Requested by
31 s1.adform.net runwaff.com
cdn.projectagora-adtag-library.com
track.adform.net
s1.adform.net
26 track.adform.net cdn.projectagora-adtag-library.com
s1.adform.net
runwaff.com
24 cm.adform.net runwaff.com
20 cdn.projectagora-adtag-library.com ads.projectagoraservices.com
cdn.projectagora-adtag-library.com
18 x.bidswitch.net 18 redirects
18 projectagora-483829-hdb.adomik.com
18 ib.adnxs.com 8 redirects cdn.projectagora-adtag-library.com
17 runwaff.com ww3.read7deadlysins.com
runwaff.com
13 adx.adform.net 1 redirects cdn.projectagora-adtag-library.com
s1.adform.net
10 prg.smartadserver.com cdn.projectagora-adtag-library.com
10 ads.projectagoraservices.com runwaff.com
10 hb.adpone.com runwaff.com
8 match.adsby.bidtheatre.com 8 redirects
7 static.criteo.net ads.eu.criteo.com
6 trc.taboola.com cdn.taboola.com
runwaff.com
6 sb.scorecardresearch.com 2 redirects cdn.taboola.com
runwaff.com
6 s.cpx.to p.cpx.to
runwaff.com
6 ww3.read7deadlysins.com 1 redirects ww3.read7deadlysins.com
5 cm.g.doubleclick.net 3 redirects runwaff.com
5 match.adsrvr.org 3 redirects js-sec.indexww.com
runwaff.com
4 pix.eu.criteo.net ads.eu.criteo.com
4 ad28.ad-srv.net 1 redirects runwaff.com
ad28.ad-srv.net
4 ad4m.at s1.adform.net
ad4m.at
4 cdn.taboola.com ww3.read7deadlysins.com
cdn.taboola.com
4 token.rubiconproject.com 4 redirects
4 assets.vlitag.com tag.vlitag.com
4 secure.adnxs.com 2 redirects runwaff.com
secure.adnxs.com
4 ads.themoneytizer.com runwaff.com
ads.themoneytizer.com
4 securepubads.g.doubleclick.net runwaff.com
securepubads.g.doubleclick.net
www.googletagservices.com
4 platform.bidgear.com ww3.read7deadlysins.com
platform.bidgear.com
runwaff.com
3 adrta.com pix.adrta.com
3 s-img.adskeeper.co.uk
3 pixel.rubiconproject.com runwaff.com
3 www.googletagservices.com tag.vlitag.com
partner.blau.de
www.googletagservices.com
3 i.imgur.com ww3.read7deadlysins.com
2 t.adcell.com 1 redirects ad.bsmartad.net
2 q.adrta.com st.bebi.com
q.adrta.com
2 eu-node1.solutionslabkit.com st.bebi.com
2 cm.adskeeper.co.uk jsc.adskeeper.co.uk
2 sync-tm.everesttech.net 2 redirects
2 partner.blau.de www.telefonica-partner.de
as.ad4m.at
2 cdn.adskeeper.co.uk jsc.adskeeper.co.uk
2 www.telefonica-partner.de 1 redirects as.ad4m.at
2 as.ad4m.at ad4m.at
as.ad4m.at
2 fonts.gstatic.com fonts.googleapis.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 eus.rubiconproject.com smarttag.rubiconproject.com
eus.rubiconproject.com
2 a.volvelle.tech 2 redirects
2 ads.creative-serving.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 px.adhigh.net 2 redirects
2 sync.smartadserver.com 1 redirects runwaff.com
2 image2.pubmatic.com 2 redirects
2 quantcast.mgr.consensu.org assets.vlitag.com
2 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
ad28.ad-srv.net
2 smarttag.rubiconproject.com ads.rubiconproject.com
2 id5-sync.com runwaff.com
ced.sascdn.com
2 gum.criteo.com ads.themoneytizer.com
secure.adnxs.com
2 ads.rubiconproject.com runwaff.com
ww3.read7deadlysins.com
2 ced.sascdn.com runwaff.com
ads.themoneytizer.com
2 imp9.bidgear.com ww3.read7deadlysins.com
runwaff.com
2 jsc.adskeeper.co.uk platform.bidgear.com
jsc.adskeeper.co.uk
2 www.google-analytics.com ww3.read7deadlysins.com
www.google-analytics.com
2 services.vlitag.com ww3.read7deadlysins.com
services.vlitag.com
2 read7deadlysins.com 2 redirects
1 ipv6.adrta.com pix.adrta.com
1 pix.adrta.com q.adrta.com
1 rtbnote.bsmartdata.com ad.bsmartad.net
1 storage.googleapis.com ad.bsmartad.net
1 ad.bsmartad.net st.bebi.com
1 trck.bebi.com
1 go.bebi.com st.bebi.com
1 id.rlcdn.com runwaff.com
1 ads.yahoo.com runwaff.com
1 sync.mathtag.com 1 redirects
1 servicer.adskeeper.co.uk jsc.adskeeper.co.uk
1 st.bebi.com ww3.read7deadlysins.com
1 www.lead-alliance.net 1 redirects
1 c.adskeeper.co.uk jsc.adskeeper.co.uk
1 ad-server.eu ad28.ad-srv.net
1 pb.media01.eu pv.medialead.de
1 pv.medialead.de ad28.ad-srv.net
1 fonts.googleapis.com cdnjs.cloudflare.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 widget.fr.eu.criteo.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ad.ad-srv.net ww3.read7deadlysins.com
1 beacon-ams3.rubiconproject.com runwaff.com
1 ads.eu.criteo.com smarttag.rubiconproject.com
1 p.rfihub.com 1 redirects
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 adtrack.adleadevent.com ajax.googleapis.com
1 pool.grid-data.bidswitch.net runwaff.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 pixel.quantserve.com runwaff.com
1 secure-assets.rubiconproject.com runwaff.com
1 cdn.jsdelivr.net assets.vlitag.com
1 api.rlcdn.com js-sec.indexww.com
1 rules.quantcount.com secure.quantserve.com
1 test.quantcast.mgr.consensu.org assets.vlitag.com
1 www5.smartadserver.com ced.sascdn.com
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 spl.zeotap.com ads.themoneytizer.com
1 c.tmyzer.com ads.themoneytizer.com
1 g.themoneytizer.net ads.themoneytizer.com
1 imasdk.googleapis.com tag.vlitag.com
1 stats.g.doubleclick.net www.google-analytics.com
1 tag.vlitag.com services.vlitag.com
356 113
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-24 -
2022-06-23		 a year crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA		 2020-01-15 -
2022-03-16		 2 years crt.sh
runwaff.com
Amazon		 2021-07-10 -
2022-08-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.themoneytizer.com
GoGetSSL RSA DV CA		 2021-02-14 -
2022-03-17		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
paadserver.projectagora.info
R3		 2021-12-02 -
2022-03-02		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA		 2019-10-16 -
2022-01-17		 2 years crt.sh
cdn.projectagora-adtag-library.com
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
c.tmyzer.com
R3		 2021-12-01 -
2022-03-01		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2021-09-12 -
2022-09-12		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-02 -
2022-02-02		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
quantcast.mgr.consensu.org
R3		 2021-11-24 -
2022-02-22		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-02-09		 a year crt.sh
pool.grid-data.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-03-06 -
2022-03-06		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.adomik.com
Amazon		 2021-03-03 -
2022-04-01		 a year crt.sh
adtrack.adleadevent.com
Amazon		 2021-05-17 -
2022-06-15		 a year crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
ad-srv.net
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-25		 3 months crt.sh
pv.medialead.de
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
ad-server.eu
R3		 2021-12-15 -
2022-03-15		 3 months crt.sh
www.telefonica-partner.de
R3		 2022-01-05 -
2022-04-05		 3 months crt.sh
partner.blau.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-14 -
2022-01-18		 a year crt.sh
*.solutionslabkit.com
Go Daddy Secure Certificate Authority - G2		 2021-04-08 -
2022-04-08		 a year crt.sh
ad.bsmartad.net
R3		 2021-11-29 -
2022-02-27		 3 months crt.sh
*.adrta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-10 -
2022-06-10		 a year crt.sh
rtbnote.bsmartdata.com
R3		 2021-12-05 -
2022-03-05		 3 months crt.sh
adcell.com
Certum Domain Validation CA SHA2		 2021-09-20 -
2022-09-20		 a year crt.sh

This page contains 54 frames:

Primary Page: https://ww3.read7deadlysins.com/
Frame ID: 8911C9448B730FABFDDED3FEAD987B2E
Requests: 31 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7FF5A04040335238C0C3DCD92EDD1C91
Requests: 3 HTTP requests in this frame

Frame: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=8fea93fb728874b1628b7aac65a76abf5&cb=5502431641362007132
Frame ID: 11B5ED02D1E2B770D7CB07E40D51949E
Requests: 2 HTTP requests in this frame

Frame: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=d76c2da8c12daa85f1437d954f94f8847&cb=9868501641362007133
Frame ID: 5A0523230E96E44A9C48396E68F44A7D
Requests: 2 HTTP requests in this frame

Frame: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Frame ID: 7520432B946F5FC50D87B3534F7E1DFB
Requests: 4 HTTP requests in this frame

Frame: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=c45f858cb8b4b094b8b6229bad96a54e3&cb=5795391641362007135
Frame ID: 8FF36CA669453625C9E5ADEA8C404E64
Requests: 4 HTTP requests in this frame

Frame: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=9f8bdfdac88cc4de95ab77e8feb3ba165&cb=6424461641362007135
Frame ID: BC905DD2D7161BFA8C7E58ADC0F6E242
Requests: 2 HTTP requests in this frame

Frame: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=3191181510d1c5163e53c1097b6d94293&cb=3780511641362007136
Frame ID: 92AB173F84EE66737927AF492619F53A
Requests: 3 HTTP requests in this frame

Frame: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=05bcf34b3dc8ef781ff91667b6cbe5da3&cb=5359921641362007137
Frame ID: FAA2BB4EC8C6AB1B0AA16D9D8B477BEA
Requests: 2 HTTP requests in this frame

Frame: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=59338ab25f27652e7e47e53fbab83cd65&cb=3864951641362007137
Frame ID: 3C000A0A3C04625A5532343AA3EA10E7
Requests: 2 HTTP requests in this frame

Frame: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=84cb9494c74b11c9c2dbca056fd5c2803&cb=2049371641362007138
Frame ID: 0A99525C9D8223E9F9ACC790E3472279
Requests: 2 HTTP requests in this frame

Frame: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1a0c8985ce32a33755c3d97ef8fe86d19&cb=8861991641362007139
Frame ID: 291F2593C51AFB2119FBCEE18E2124FA
Requests: 8 HTTP requests in this frame

Frame: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1957367064e5b26088677bc61fc98dc01&cb=3455941641362007140
Frame ID: 40A4EE57D625363E8C0089BE9AB5DDAC
Requests: 2 HTTP requests in this frame

Frame: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Frame ID: A539E96566FF0D81984CBF8FC4E25B11
Requests: 32 HTTP requests in this frame

Frame: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=60f0e959e67789b550dbbeaa782904915&cb=8367551641362007141
Frame ID: 668EDCB34D72391E09CCF9227B98BF9D
Requests: 2 HTTP requests in this frame

Frame: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=69a1ae274eff659621cc5da174992f8b1&cb=9206771641362007142
Frame ID: DF7541829B332C40FDD834BBA6576D27
Requests: 4 HTTP requests in this frame

Frame: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=c875f76156c3307c45687011d2d8e2cf3&cb=2932131641362007142
Frame ID: C92376650B9694811BF1EB08A8C44662
Requests: 2 HTTP requests in this frame

Frame: https://jsc.adskeeper.co.uk/b/i/bidgear.readnaruto.com.842741.js
Frame ID: ACC505E5E762AD9B64B156885D3B8D4B
Requests: 11 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Frame ID: D5EF4FB5688CEF0EB67DE181D890A148
Requests: 8 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Frame ID: 26920CDA9F4DEF5FC9DDC15ADC5E8B73
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1641362007481
Frame ID: A7295EE87E571B4901B777D9B24781DA
Requests: 1 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Frame ID: AE293C152A3D594D2769B952D6C4C776
Requests: 8 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Frame ID: 8B8BD077E4A6AC8350CFAAAC38E0FE40
Requests: 8 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Frame ID: 63853CD2D3A0883B7D44D34A61B0D9B2
Requests: 8 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Frame ID: BD57D423BD60DE694D1B5B1FF0C03002
Requests: 8 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Frame ID: 76DCCF54C4784006CF4913FF955CB822
Requests: 7 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Frame ID: C6D36195C119B6A363FCF8FEC315F96A
Requests: 8 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Frame ID: 8A1DA934EF367DE0EA5C484CE97E3D8F
Requests: 8 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/17210.js
Frame ID: AB6DE5F131BCA6F33C8BBF4C3247B306
Requests: 3 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/read7deadlysins300x250gr-r18292685/loader.js
Frame ID: 972E8DF2B19FE7E535290D72533E8FCC
Requests: 7 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=29848506;rtbwp=6i-gTd0CRl_NbdXuAN-eSuhoFNM0duIs0;rtbdata=eIaUb2LkWH3N4wLcu-mhYLgp1kTxJrlssi9jaAo6DEPgcuZ5JxJk67Kp2roO6C5QYiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8in3Y1mYYrgcf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h1dLGKgqE2dTjzXwoo_5AOWDgW8xC4iSGv--J9fBrWOIPYINfYS2gbIUrgTfZ5YbBDSMVhztckDLdj3ABadpNQ0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=kUE0gydNGo0qHMLsI0XOHfszOevCoUmbrHCuXkiZeM4a62CBBDm805T7WXJg35mTxt71AOlDcCMQLzGSJvWRmeQZqdjold7QTERL-suXRRXTtzvLaQ0rS3K0F6vhOHP1YiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8edZr-qLRqiTsGFti06wXV5igWY-fFyQB6_wI2rX1zuvHvlcc_rY9Kt64QP1LhUcZxaMB7E3Is5U1;pui=CQ8Cld2Xq9z1pVvqnbyA-yadHRxoNWziw_25nsNlC37er1pltXZUmg2;
Frame ID: 3194545F22A76981CB0E3D742F2DC27A
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=46016408;rtbwp=_1GWNEh9ei5mZQIeozaLU60WvdyprACV0;rtbdata=OS-8pJ27cx0WgqrA_STPLyiDO35psc3XPCecQNkDNG3itEDe_q0hDNZoOBUBnOpYe5sfN63X0TjYLcajdAV4UbtD8o44SJMTpJYSvysFFqQf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5iVCAMkSs4xOyWRzRYEgE2uOPrlth6P6armiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=DJpz_uRRh8V42u1ywTJ-2quDWUnT6fr_fiNMafvSA2A3_QvwpezOn5DzZ4xMx-m2huuso-CINz2_WlveaTmAp2I_2HtB8IE_N6mbb00j41qYBirSxcubzQFMirXwUx5DxjAMvfKFxlV0xWzavoWC8SAdGESHbPwmL3iadT8Wn-hmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyR77vrXzyh3jA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-2HB7qdyzBKJ8jNvcRCqvx_er1pltXZUmg2;
Frame ID: 90303CD2B22D9B677172164CED9A617D
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=49007064;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=sqq3TV7cbiVp3B2MBGfqyW3NFcOMrER3i6BgtVR4iRPTo_Xaoj_Q3TYjw-lYUkmAThXVWmxms1sw8KJnD3qS_gmFek4aBsF23xFIFr1TVKIf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h9yF3z6YcT7ZM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=pIVd-zMCINJ42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m29uQl86fFeu6ez7MnhBBbYnj2Vo_6ynXT4pAl-FeOX65hHPQC0c22XDm6qh_7jq0mwk2d9yW1jwjgwP8GB6BffTO6TTrbqmp-TgHquwWdt8NmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyXfSNcr8kJj_A7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-39gw4qdjhLIQJjFRM1GLPzer1pltXZUmg2;
Frame ID: E9592E12C18ECDF27A23B289737BB918
Requests: 10 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=43382956;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=YGm-oxVB5VY3OOhFL6P9OjMgvXe9qdTVHqyFO23zmppE0L4JMUaJuGS2q5jgA5HHjD25hKEaG-2hyAMArvKtIfMDsfRo9_yEH-AiX6BpLdsf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5gf1UDCeeOr85M1_8qecQJKT_W6OuuNwpDmiUtjwUGSvFqirAD_H0c-swmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=nkuY11ankpV42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2huuso-CINz3FSR2hpWoWJy1vuz9Iw4XdNJAaJcnrq0MK9cBCoinYK9T9EGiga-5CEUYwnwyOtCm0x3vNumGUlb6Cj_WUj5uSZbhL_hb2XmxmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyZTyXvmQMdmBA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-0uTTepJXYWlcxrSqG4D8ener1pltXZUmg2;
Frame ID: 2871979446B3AF1ED113D49A21A3B584
Requests: 10 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=41375921;rtbwp=jTJEi6lyVxRwvACUNAplWEOZ5ysc03F20;rtbdata=eIaUb2LkWH3-srK2ChVBBC1AMwqcsMUTh6P1sGvY7k5JKsVnUzQWEdZoOBUBnOpYXmv6k211kQhRZjjBC_FqK4Fb9fToB8oeAQrYnxFrob4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhJqpZASsq0l1aBb-2WH07DVGL1Hfy9ipk4ZBSecTgptce-ONHm7yzHXqRuxXzxMlB8Llox8AxerrY13RjTVWgtclyyK68maFQ3DUggotq2NGW1Ex4yIw8Tg1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=H7L-ACt8rWgqHMLsI0XOHaYCMasHf3U9WWfrJa27o1EIwgZLVnK38ZT7WXJg35mTsWm9lSvFgU0VKq_ZeHwv4r2k_upbjD_acM3c8kXaEpCMfW3Y1YU_8TQk20iY9v-CXmv6k211kQhRZjjBC_FqK4Fb9fToB8oe88pdwsHbbCjsGFti06wXV5igWY-fFyQB6_wI2rX1zuvHvlcc_rY9Kv8fUVQeqGooxaMB7E3Is5U1;pui=CQ8Cld2Xq9z1pVvqnbyA-yadHRxoNWziQlcrm-xXxIrer1pltXZUmg2;
Frame ID: 0EE5545326535B1D8656C58523909A98
Requests: 11 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/read7deadlysins300x250gr-r18292685/loader.js
Frame ID: CD5A0187193AFE3BDF59144AFD8401A2
Requests: 7 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=43813379;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=TDzh2E8KtAC6GCnsnLh_2KB4FCnJnUbss0UviCqgi2fI2XHMwN1VMfe--5-00Wf9nqTud5vmtzCDJeZEoLSZXZ5eJZiqEybJDnyQvxeLnYwf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hUiY3ROKkd7ZM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvFqirAD_H0c-swmFfVqDPk5d1Vab-EFQvICIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=4Yzbs-1CEK942u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2YmTAckCaknQwfwjjKRbZvSBbo2uPq5Vo53C_x6OdRxrgWxrYIAABn40HoKpL4vrnuCJkQUjnAzuGzZbjRLGHVIwCppaYOvJfvNN-3Ocg4PNmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyQ-tkKrLvAipA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-w0KEFlwcPxfwAXo7n9T0vDer1pltXZUmg2;
Frame ID: F6914DFB0EB77B38C916434631E94F24
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=48901592;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=XlhCeRPicv4Lc6Hl37mzYNLbMF9KH8df3cNWiBHK2HMGvXL_1Mm6UjIQIJOmZt0pid6ZQaWmOMz54CVtxFgAnIXOBwuNDCTlr3ZiRvhiEBUf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hKSie-Yu2WiJM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=R_3GY5gH7Jl42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2YmTAckCaknTihnZDn9ZRKFutntqTKJVfcUSfLp2dSRQoglohtwPM3okomu5jHCptS37UNf_Cgmd-VX2gK7OpziYFmDyqXAG8LYq89bONE1dmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyYFF0eM-ku7AA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-4Jcy2TZWfo0t2Aai-R-6Arer1pltXZUmg2;
Frame ID: 9C1CD95A7EB85FEC30BE0D37DE112E21
Requests: 10 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=44599442;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=sqq3TV7cbiWAMOCj6MihYNkx8G7B_1tA6TzgLYuOtmzSkzd7GbUwDmS2q5jgA5HHAx9UdYsCqnCx9zN8OhROLb3DvXhlYUdW81bz57zJ8p4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hT6GyHqVsKy5M1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5d1Vab-EFQvICIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZLq63NXtHLp42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2bwGiNYYJprETFzXf0NXnEWPntm_JP3OFzTo0G4z1ptfZowXvyBkP3KY9XkJnRlQd-XGN0Z0aUaFxXNX3rDu5jXKdpUaiVHKxy3ZGcmwcuX9mkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyXhfv4YQqA8vA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-6fla7r_yYst3p8szPs1HM3er1pltXZUmg2;
Frame ID: 99FFBB6DE6C10D17B618AA4610F4E0E9
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Frame ID: DCE40DD25FC3C5D3274C5603F3B72003
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 2AD6A6022A14679F3550E9A1D89302B2
Requests: 10 HTTP requests in this frame

Frame: https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=7944&cb=61d53257b4885c1ad18a77509935d828
Frame ID: 34C4C279A7C0C0CE660494858FB744C7
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 54D5BD9BB7CD0A0F83EB150C49D6830C
Requests: 1 HTTP requests in this frame

Frame: https://ad28.ad-srv.net/request_content.php?s=41621600054934500975154011830028&a=d419e564
Frame ID: 463B4EF5F18D869C756F14C4F24C68DA
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=48871&b=gVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTe&f=BjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcM&c=300&d=250&e=&g=8c14d4ed3e9e0cdfa7dabf9b240bd64b%2F4124043073926145936&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641362008775&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375921%3Bcrtbwp%3DjTJEi6lyVxRwvACUNAplWEOZ5ysc03F20%3Bcrtbdata%3DeIaUb2LkWH3-srK2ChVBBC1AMwqcsMUTh6P1sGvY7k5JKsVnUzQWEdZoOBUBnOpYXmv6k211kQhRZjjBC_FqK4Fb9fToB8oeAQrYnxFrob4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhJqpZASsq0l1aBb-2WH07DVGL1Hfy9ipk4ZBSecTgptce-ONHm7yzHXqRuxXzxMlB8Llox8AxerrY13RjTVWgtclyyK68maFQ3DUggotq2NGW1Ex4yIw8Tg1%3Badfibeg%3D0%3Bcdata%3DsDSga7UIWsUSR9aSkl7IFxX5u_jltkcBt6yQai50qQ1VMk3-ue_YyRh_H0HwcdxioVYNgMpU_bW2caLdAVTuB_yTR9pqGRlbq3q9aAJ7oUkc2KoPXmXGu35TGdD_LVfEuAl4_azxGJ_hX--73ctyaEP66xFYBxBKV_kuSIP1Hy0jX8lBZJUxBMgPTkQKWv-V9F4FSgop3u9wFc3i0qijye6cTLN33yP8VgWaNeUee1rGyxsoX2UP0QRO5z1Lu3PGEqENjM7Ub2Wear1og7imtCW5ZJlqRvSYjPqXl7DcAeW0Gza1ke3d6USS52OAZXk_qv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxUhzUWyRXs53sM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&y=0&z=0
Frame ID: A53D1DFDCAFCE7D1A1FE84D5F3BD903F
Requests: 3 HTTP requests in this frame

Frame: https://platform.bidgear.com/async.php?domainid=1042&sizeid=2&zoneid=2125&k=5c00c68a67ca2
Frame ID: 02BFC5F6690E311C577E539E320DFFC0
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50149&dt_subid2=41621600054934500975154011830028&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 86EA1C8CAE9E0D681D6F22DF41674745
Requests: 1 HTTP requests in this frame

Frame: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138148FSoneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros&camp=channel7&size=300x250&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138148F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138148F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros%26deepurl%3D
Frame ID: A58932D7A66D58391FAEB0E9586A82B7
Requests: 3 HTTP requests in this frame

Frame: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2022010506532861507417127X117665V1225131106MSoneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros
Frame ID: CB4878D12EA7502ACA2D7FD8B5C1E252
Requests: 1 HTTP requests in this frame

Frame: https://st.bebi.com/bebi_v3.js
Frame ID: 308616955542D7302BDC8604D6744089
Requests: 6 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1641362009145686457866&consentData=&gdprApplies=1&uspString=1---
Frame ID: 00CA3BD7560E6B812646B735BFE7FDE0
Requests: 1 HTTP requests in this frame

Frame: https://ad.bsmartad.net/adframe.php?zoneid=11796&bannerid=9673&gdpr=0&gdpr_consent=&consent=1&ref=eyJ1YSI6ImEyZmRhZDI1ZDkxMWE4YTRiMzk4Mjg3NTlkMjgyMzYxIiwiYmlkIjoiYnNkXzNfMjVfNzMwNjFkNTMyNTkyYWIzZSIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoid3czLnJlYWQ3ZGVhZGx5c2lucy5jb20iLCJjb3VudHJ5IjoiREVVIiwicHViaWQiOiI3YzUzNjc4ODQ4ZGZlYTJkNGEwNzU2ODUzZjBhOWNjNWM2YzBlNjQ0IiwiaXAiOiIxODUuMjEzLjE1NS4wIiwidGltZSI6MTY0MTM2MjAwOX0%3D
Frame ID: 2723FE275765C51BF1F7F8285D07A559
Requests: 3 HTTP requests in this frame

Frame: https://q.adrta.com/s/bzk/aa.js?cb=fdeb09a41991385c839dee7d501911e7
Frame ID: D4C75FCBF6F2BF1645ADEDA0057BD76D
Requests: 8 HTTP requests in this frame

Frame: https://t.adcell.com/p/view?promoId=252795&slotId=77305&pv=1&subId=bxkhszaahxktakmaskwuaaapwnxwkm
Frame ID: 33F06BE0EC5867BD9C59A527D982786B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Read Nanatsu no taizai/7 Deadly Sins Manga Online

Page URL History Show full URLs

  1. http://read7deadlysins.com/ HTTP 301
    https://read7deadlysins.com/ HTTP 301
    http://ww3.read7deadlysins.com/ HTTP 301
    https://ww3.read7deadlysins.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

356
Requests

88 %
HTTPS

35 %
IPv6

67
Domains

113
Subdomains

86
IPs

11
Countries

6466 kB
Transfer

16679 kB
Size

77
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://read7deadlysins.com/ HTTP 301
    https://read7deadlysins.com/ HTTP 301
    http://ww3.read7deadlysins.com/ HTTP 301
    https://ww3.read7deadlysins.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://secure.adnxs.com/ttj?id=18287125 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18287125
Request Chain 96
  • https://adx.adform.net/adx/?rp=3&bWlkPTc1NTc2MyZybmQ9cnRkbWdtZHNjYnl4bGRybndxMHY&url=https%3A%2F%2Fww3.read7deadlysins.com&callback=_adform_cb_1641362007632_7287018468328268 HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTc1NTc2MyZybmQ9cnRkbWdtZHNjYnl4bGRybndxMHY&url=https%3A%2F%2Fww3.read7deadlysins.com&callback=_adform_cb_1641362007632_7287018468328268
Request Chain 133
  • https://token.rubiconproject.com/token?pid=34010&puid=177d0aeaf7f7ca9&gdpr=0 HTTP 302
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=KY14K6LS-P-2CO0&customParamenters={p:customParamenters}&gdpr=0
Request Chain 134
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddaec58cd-bc0a-41c5-b9c4-fc8037a200e2 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddaec58cd-bc0a-41c5-b9c4-fc8037a200e2 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9853198D-69D3-46C1-9A1C-00A0024EB908&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2&google_tc= HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2&google_gid=CAESEJ2sSk4-kpcibzqWh6ryoI8&google_cver=1
Request Chain 136
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Ddaec58cd-bc0a-41c5-b9c4-fc8037a200e2&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2&gdpr=0&cklb=1
Request Chain 137
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=92e69f55-1916-4f34-9082-365b54ecbd05&dsp=TTD
Request Chain 138
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fww3.read7deadlysins.com%252F%26url%3Dhttps%253A%252F%252Frunwaff.com%252Fstat%253Fi%253Du1dvjpo9e55sy80hm5%2526a%253D05ce0684c5396c5bd68c434103884dbb3%2526cb%253D3233571641362007140%26hn_ver%3D38%26fid%3Ddaec58cd-bc0a-41c5-b9c4-fc8037a200e2 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=4294195725904454246&pid=12763&ref=https%3A%2F%2Fww3.read7deadlysins.com%2F&url=https%3A%2F%2Frunwaff.com%2Fstat%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D05ce0684c5396c5bd68c434103884dbb3%26cb%3D3233571641362007140&hn_ver=38&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2
Request Chain 165
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform HTTP 302
  • https://px.adhigh.net/p/cm/bsw?u=d93303c2-dfbd-4077-a069-08acb99e81b4&bidswitch_ssp_id=adform HTTP 302
  • https://px.adhigh.net/p/cm/bsw?u=d93303c2-dfbd-4077-a069-08acb99e81b4&bidswitch_ssp_id=adform&bounced=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=uLpbnBI6o6FV.AikABlF-KMypng&expires=30&ssp=adform HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Request Chain 166
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Request Chain 167
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=4f2972d8-becd-4cc0-816e-6b5fa8ebcf6a
Request Chain 173
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adform&ssp_user_id=d93303c2-dfbd-4077-a069-08acb99e81b4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171315486&expires=5&ssp=adform HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Request Chain 174
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Request Chain 175
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Request Chain 182
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adform&ssp_user_id=d93303c2-dfbd-4077-a069-08acb99e81b4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171316337&expires=5&ssp=adform HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Request Chain 183
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Request Chain 184
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Request Chain 189
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=adform&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=92e69f55-1916-4f34-9082-365b54ecbd05&expires=30&ssp=adform&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Request Chain 190
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Request Chain 191
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Request Chain 196
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adform HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455420006313731&expires=30&ssp=adform HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Request Chain 197
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Request Chain 198
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Request Chain 205
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=adform&bsw_custom_parameter=d93303c2-dfbd-4077-a069-08acb99e81b4 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=adform&bsw_custom_parameter=d93303c2-dfbd-4077-a069-08acb99e81b4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=c21dc9f7-fc9f-46fc-aeb4-8c7e4b91e2f3&ssp=adform&expires=30&user_group=5&bsw_param=d93303c2-dfbd-4077-a069-08acb99e81b4 HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Request Chain 206
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Request Chain 207
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Request Chain 212
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=adform&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=92e69f55-1916-4f34-9082-365b54ecbd05&expires=30&ssp=adform&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Request Chain 213
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Request Chain 214
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Request Chain 219
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_uid=d93303c2-dfbd-4077-a069-08acb99e81b4 HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_uid=d93303c2-dfbd-4077-a069-08acb99e81b4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=4df8561b-f3e8-41b3-869e-f0458533194c&ssp=adform HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Request Chain 220
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Request Chain 221
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Request Chain 251
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008436&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D1a0c8985ce32a33755c3d97ef8fe86d19%26cb%3D8861991641362007139&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008436&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D1a0c8985ce32a33755c3d97ef8fe86d19%26cb%3D8861991641362007139&c9=
Request Chain 252
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008437&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fcounter%3Fi%3Du1dvjpo9e55sy80hm5%26a%3Dc875f76156c3307c45687011d2d8e2cf3%26cb%3D2932131641362007142&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008437&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fcounter%3Fi%3Du1dvjpo9e55sy80hm5%26a%3Dc875f76156c3307c45687011d2d8e2cf3%26cb%3D2932131641362007142&c9=
Request Chain 256
  • https://ad28.ad-srv.net/request.php?zone=eksdh605elp4&nw=14&renderingType=javascript&namespace=b59969a15c&subid=1755969044014056067&uid=609d6f4854258d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&extVar[]=ADFORM_SSP%3A2464&extVar[]=ADFORM_DEAL%3A&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D29848506%3Bcrtbwp%3D6i-gTd0CRl_NbdXuAN-eSuhoFNM0duIs0%3Bcrtbdata%3DeIaUb2LkWH3N4wLcu-mhYLgp1kTxJrlssi9jaAo6DEPgcuZ5JxJk67Kp2roO6C5QYiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8in3Y1mYYrgcf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h1dLGKgqE2dTjzXwoo_5AOWDgW8xC4iSGv--J9fBrWOIPYINfYS2gbIUrgTfZ5YbBDSMVhztckDLdj3ABadpNQ0%3Badfibeg%3D0%3Bcdata%3DdRMSWUFXud8SR9aSkl7IFxX5u_jltkcBt6yQai50qQ2Yaw3g2oYQwPK2IVJ_EYQrLzlEG34cFtm2caLdAVTuB3PXmYUAPADzfFpWph-XsVgAi202Irm-QiewlGOyKqbX04oPlsmoZHdLBmfU3vZW4ifyihBHUGtOF5kJaqCy6R6OnfTt5I7DdkgmzpgIlYr19ee0vC5Qr89a53DH7siR6mcD5cQEkUHeZSutLuR0vckwA3YpllK5CPPJgnJtfXvXqL1T0nMbHyWear1og7imtCW5ZJlqRvSYjPqXl7DcAeWRazMCMmWo0hl6tj4WQo9cqv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxba_BNuQynwosM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D8fea93fb728874b1628b7aac65a76abf5%26cb%3D5502431641362007132&ancestorOrigins=https%3A%2F%2Frunwaff.com%2Chttps%3A%2F%2Frunwaff.com%2Chttps%3A%2F%2Fww3.read7deadlysins.com&random=207303658993&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
  • https://ad28.ad-srv.net/request.php?zone=eksdh605elp4&nw=14&renderingType=javascript&namespace=b59969a15c&subid=1755969044014056067&uid=609d6f4854258d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&extVar[]=ADFORM_SSP%3A2464&extVar[]=ADFORM_DEAL%3A&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D29848506%3Bcrtbwp%3D6i-gTd0CRl_NbdXuAN-eSuhoFNM0duIs0%3Bcrtbdata%3DeIaUb2LkWH3N4wLcu-mhYLgp1kTxJrlssi9jaAo6DEPgcuZ5JxJk67Kp2roO6C5QYiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8in3Y1mYYrgcf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h1dLGKgqE2dTjzXwoo_5AOWDgW8xC4iSGv--J9fBrWOIPYINfYS2gbIUrgTfZ5YbBDSMVhztckDLdj3ABadpNQ0%3Badfibeg%3D0%3Bcdata%3DdRMSWUFXud8SR9aSkl7IFxX5u_jltkcBt6yQai50qQ2Yaw3g2oYQwPK2IVJ_EYQrLzlEG34cFtm2caLdAVTuB3PXmYUAPADzfFpWph-XsVgAi202Irm-QiewlGOyKqbX04oPlsmoZHdLBmfU3vZW4ifyihBHUGtOF5kJaqCy6R6OnfTt5I7DdkgmzpgIlYr19ee0vC5Qr89a53DH7siR6mcD5cQEkUHeZSutLuR0vckwA3YpllK5CPPJgnJtfXvXqL1T0nMbHyWear1og7imtCW5ZJlqRvSYjPqXl7DcAeWRazMCMmWo0hl6tj4WQo9cqv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxba_BNuQynwosM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D8fea93fb728874b1628b7aac65a76abf5%26cb%3D5502431641362007132&ancestorOrigins=https%3A%2F%2Frunwaff.com%2Chttps%3A%2F%2Frunwaff.com%2Chttps%3A%2F%2Fww3.read7deadlysins.com&random=207303658993&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Request Chain 310
  • https://www.telefonica-partner.de/tpv.php?t=117665V1225131106M&subid=oneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117665V1225131106M&subid=oneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2022010506532861507417127X117665V1225131106MSoneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros
Request Chain 317
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d0761d5-3259-4b00-bba1-4d0296a71f38
Request Chain 318
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YdUyWQADNkX_6AAF HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdUyWQADNkX_6AAF&_test=YdUyWQADNkX_6AAF
Request Chain 320
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY14K6LS-P-2CO0&sigv=1&esig=2~69c0b953c9764e50e56d412d3dd73982f69502b5
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG224Qx-8C6WtmKaC__rPW8&google_cver=1
Request Chain 323
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxNEs2TFMtUC0yQ08w
Request Chain 324
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNmNjMzNjEwOTdiMWE1OTk4ODhmZDNkNWY1MjFmNzMwNGFhYzEyOQ
Request Chain 345
  • https://t.adcell.com/p/image?promoId=252348&slotId=77305&subId=bxkhszaahxktakmaskwuaaapwnxwkm HTTP 302
  • https://storage.googleapis.com/adcell/external/banner/8880/1611303851_219x211.gif

356 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ww3.read7deadlysins.com/
Redirect Chain
  • http://read7deadlysins.com/
  • https://read7deadlysins.com/
  • http://ww3.read7deadlysins.com/
  • https://ww3.read7deadlysins.com/
28 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712550505278953bfe5d74e31bb085aac51ca748fac9f032f61418e836c166d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 05 Jan 2022 05:53:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FvyWbgEM8wIiGR48OFvY9Gy3NSmEEZbtdnBLyayJeX9ngvZ3n1N%2BJjE7pT5j8JQT3j9ygVE94pGuA3FJybCAeFOD0kEAUPmETVsa09MHM0b9Id6jSqWPRTQgSwss4ShIJgmqE1wnT0dFtMvGcyRTiUkg8MxtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c8a723d99e77762-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Wed, 05 Jan 2022 05:53:26 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 05 Jan 2022 06:53:26 GMT
Location
https://ww3.read7deadlysins.com/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQbPKdSGnao8Ozg5uVR2FFrvHMY2Smu%2BZPiZmVw27Yq35FjlAsMS8NmI1LPOWjpjt9bHEnvu9ILy98ec2APrSPQJ95SAYcy4h0AdxF3h1tsDo6O4KtPezMmiX3elkI0yUzmyWNiF37b6jsrglVxpO2zgLwxtHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6c8a723d6ceb75d7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.css
ww3.read7deadlysins.com/css/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ww3.read7deadlysins.com/css/app.css?id=174561909a91adcf8026
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08c294c8231ec572510659df34092e05d02680dc3c4738bf2cf33c398d41df8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1912167
cf-polished
origSize=12032
x-server-powered-by
Engintron
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 13 Dec 2020 06:03:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FH%2B1lkDvtQ378GHSCo8XpMDPpQ2YyV5t%2FSevOuoKkReVpKwxag2QKPjXrGHSB2sjc27p1s%2BoNmCCnSSUvNwo1Z%2BEvp9FappOC%2B3BhT%2B1NI4s%2FxzqX3rDAHi2jFzHIZoNNCABkyuTQcXKTGnpOsT0WErtVWyXNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6c8a723f5cfe7762-LHR
expires
Thu, 13 Jan 2022 02:43:59 GMT
IWdMiG9.png
i.imgur.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/IWdMiG9.png
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a733719e0ba21dbd1a691a459642d9037d594d70b0026b25836b6f75b290e5f0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:26 GMT
x-content-type-options
nosniff
age
2410026
x-cache
HIT, HIT
content-length
12352
x-served-by
cache-bwi5135-BWI, cache-hhn4028-HHN
last-modified
Tue, 30 Jul 2019 11:59:29 GMT
server
cat factory 1.0
x-timer
S1641362007.959320,VS0,VE1
etag
"a3f5ceb17a617e1c28cad27623b77254"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
kIVlOWS.png
i.imgur.com/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/kIVlOWS.png
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
162eaee62eb9c97924a1b8a991f01364cc21b515c75de25810219c5396bd0bb0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:26 GMT
x-content-type-options
nosniff
age
3015057
x-cache
HIT, HIT
content-length
18887
x-served-by
cache-bwi5142-BWI, cache-hhn4028-HHN
last-modified
Tue, 30 Jul 2019 11:59:28 GMT
server
cat factory 1.0
x-timer
S1641362007.959405,VS0,VE0
etag
"b6667f12053f4b82d0d91e4516b36b44"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 11
rocket-loader.min.js
ww3.read7deadlysins.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww3.read7deadlysins.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 26 Dec 2021 13:15:20 GMT
server
cloudflare
etag
W/"61c86ae8-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21EM0bBQT2lsQZHRymJdvs6AOJ88viwYPhe1QT7DqGSII9Ty1P2T8z0xrcNEzej%2F22KXalz%2FYaO6MypUyMZrGx6Mkx8cuY1EcoAOip09mvT1cIWcVeUDDfvFCPf%2BSAqgUw1oZqNJTYhBqBOL0oFARg0QenP%2BBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c8a723f5cff7762-LHR
vary
Accept-Encoding
expires
Fri, 07 Jan 2022 05:53:26 GMT
site.js
ww3.read7deadlysins.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww3.read7deadlysins.com/js/site.js?id=ca2a20a8c234365793d1
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48006243aa1ece4f57a63dbe9c95e67f68b04c3caec2bbd87eebd63f7a7368b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84203
x-server-powered-by
Engintron
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 13 Dec 2020 06:03:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLRh%2B25eoHYSuIhbokHUNGQPFbe2eQarXXhqAbzfmZBtwQaDMGSxSZMMCWwxNOWjyCoOabQ4z01xaWHUSn%2B5VOxQ%2BHfRRXJntnGbLWCVIWErdGocrZTN%2Bmttx77xwJPjpJmn7gxi%2FnfVDf4Xo%2Bl5O1OSn4YKHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6c8a723f9e4171de-LHR
expires
Thu, 03 Feb 2022 06:30:03 GMT
ads.js
ww3.read7deadlysins.com/js/ 		17 B
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ww3.read7deadlysins.com/js/ads.js
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46220b9b3ca7fbfdd2450e6ee0039dcc9e10c6a7e9c7fcbc67eb4dba65bf5525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
939524
cf-polished
origSize=18
x-server-powered-by
Engintron
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 13 Dec 2020 06:03:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOEnKOB7VSQ%2Biys%2BQK7H9Cdlqgrnah23p0THBcdNJJfpkyR%2FrqyvAJZzWXNM0bJEMwaaOkrXtmR3eznjkFLTljWWZ7ygNL%2Fw449S6nb28V0BNQtX2rResQ7mTylEZFtOURFAwMZQ18AQ0MhcMZmnH6%2BAsIA8lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8a723f9e4471de-LHR
expires
Mon, 24 Jan 2022 08:54:42 GMT
async.php
platform.bidgear.com/ 		705 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.bidgear.com/async.php?domainid=1042&sizeid=16&zoneid=3323&k=5c8f8377499d1
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c668e2916d4f9aeacbb6f545a645f0882204e7e3928b3f62b5aff3de136c1c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3M2GqlvtJLM94jNotWM1OWosXqe53RPjUgJ41Pp6zrq5BEQ7c5J%2FZ4Jt%2FetlA7CMD7RdosB7rcRJzzEifyMqb2P6n8sBjbhfHP2SY7jrz6HmAKYflReHeXtxdZgsx3soNumMK%2Fx3IXyvtP6YgkKHy5A"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cf-ray
6c8a723fdc0e755a-LHR
/
services.vlitag.com/adv1/ 		932 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=87216b358402869b1c0e66facfc9ae3c
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aba4d0a4279e58cae123cb832ef4d73de5c68c2d5157bc286786c02a868a274

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 5 Jan 2022 05:53:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6c8a723fc8d501df-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
on, 01 Jan 1970 00:00:00 GMT
OjeMpsM.png
i.imgur.com/ 		253 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/OjeMpsM.png
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
3ebc579d2a5ea97acdb56edfb0e2a98e4d41f4f3db179fc1847bd50251d2251e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:26 GMT
x-content-type-options
nosniff
age
2244088
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
259184
x-served-by
cache-bwi5156-BWI, cache-hhn4028-HHN
last-modified
Wed, 15 Jan 2020 17:37:03 GMT
server
cat factory 1.0
x-timer
S1641362007.962358,VS0,VE1
etag
"55ce2a027cb59b529866b90c37a711cc"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
t.js
runwaff.com/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
ff73531e17ba0f85fdd45b14866c1d2a73fe7e194ed79c29fc0a4ad57c3e8ccb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
oRaGb3mZhmkWVZf5DZgyfnKLnawOp6fGXeTRuqokVbiVFtbihCrgaw==
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1113
date
Wed, 05 Jan 2022 05:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 05 Jan 2022 07:34:54 GMT
html
platform.bidgear.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.bidgear.com/html?domainid=1042&sizeid=16&zoneid=3323&wu=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: platform.bidgear.com
URL: https://platform.bidgear.com/async.php?domainid=1042&sizeid=16&zoneid=3323&k=5c8f8377499d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9e1dfe02052bfb822d4ade042ab6af99bbfdf6e37cfef0b6c5386351ff096d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2RaekDOswVlS6hZ49tH30SiMtG1FBDDEadXpOwaZPEcTpcxImRuxSnaqmJGkMJPSaYgWYqdXwLL5zExTYsBqo2mRvL4HnlziYW0mba%2FjTmqZz0lfGKGz5J4hng0kIs1Hm6KXozFRBwV5oktfhwp8btq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6c8a72407c7e755a-LHR
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7FF5 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
a39c434ed12e9707bff709c0cdb94247ab1468dbed0fd4db5250d59051c501f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27031
x-xss-protection
0
server
sffe
etag
"1092 / 138 of 1000 / last-modified: 1641335921"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Jan 2022 05:53:27 GMT
prebid_v4_38.js
hb.adpone.com/ Frame 7FF5 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
621e239041447ad520be8f91bf01c61e630b2c70df70dd941f901d4d9e7cdd11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4987
x-amz-request-id
E26T68XEBZ7199DQ
x-amz-id-2
siGtRybaimLQULxye29uVa79zvqtgApVuUkdgVBiCy87cMewC+IIJdtF5ZSmuF20+qwiRB6ca80=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGGogh9tOSRFIgL4DXyIhhxiBLoXqjf6jkQxBtjDR7sOO%2FGxSytB631iDnsSDJKQY%2BCCkoth2sqLeyk99TUDJ3tPG7wo%2FGEYe135MrQPQo0HlvydjhDzKkxKF9ZJFjtMY09FB1u%2FwSYy8LY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6c8a7240ef81776b-LHR
sync
runwaff.com/ Frame 11B5 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=8fea93fb728874b1628b7aac65a76abf5&cb=5502431641362007132
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
8b6874e0a5e81da65b57af189d73b5a99af003eb69a872486307de02a87f7a26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Bx7MX160ZhBnL2glYsAAits0sal1oVAJCqy1O4pNQVoLDoUPxprLuQ==
counter
runwaff.com/ Frame 5A05 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=d76c2da8c12daa85f1437d954f94f8847&cb=9868501641362007133
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
8b6874e0a5e81da65b57af189d73b5a99af003eb69a872486307de02a87f7a26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
MPTNi46KXzvNsbnt6qLtCXEfHaxd3p8R78dwn_uuY_0tLEzfNUdXag==
send
runwaff.com/ Frame 7520 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
2124bbf59d34ddfba4fe4783a07a7eb47fbd67c2b13188c17686599338e9f99c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
vary
Accept-Encoding
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Hq3poE2JbNymfrhspkHyurLi12HVNH3BQzHkjsfD6f2Wt8h1m48zDQ==
user
runwaff.com/ Frame 8FF3 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=c45f858cb8b4b094b8b6229bad96a54e3&cb=5795391641362007135
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
8e3e3d82bd605e9b6484ef5ad816eba871aa1fb5a45033eb8b7f82ae39d07ac6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
nTjWA3DMyEd2K-CGBVsbYki_TPaOs1IQtr-angkn32OA2z2nVON0lQ==
sync
runwaff.com/ Frame BC90 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=9f8bdfdac88cc4de95ab77e8feb3ba165&cb=6424461641362007135
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
8b6874e0a5e81da65b57af189d73b5a99af003eb69a872486307de02a87f7a26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
XXmP0zelWxJmtYQ6TGRZixcwxm3gRfRmxjCAHYNniVdEehksusrEig==
counter
runwaff.com/ Frame 92AB 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=3191181510d1c5163e53c1097b6d94293&cb=3780511641362007136
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
7cd25cfdaa711da7ba54081aaf6d9962b606b5f3269b446c1096f7cb7a065026

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
mPjoz7CHkGO41HSpPAYkGK_cfTegxbsz5fUFav07iO_ESW8C2RbSQw==
counter
runwaff.com/ Frame FAA2 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=05bcf34b3dc8ef781ff91667b6cbe5da3&cb=5359921641362007137
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
8b6874e0a5e81da65b57af189d73b5a99af003eb69a872486307de02a87f7a26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
PC6ZeJ1UBV9MpEGRiIUZG5hSI2ScivR-br1xC659hGSgVy8OLAQTfQ==
user
runwaff.com/ Frame 3C00 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=59338ab25f27652e7e47e53fbab83cd65&cb=3864951641362007137
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
8b6874e0a5e81da65b57af189d73b5a99af003eb69a872486307de02a87f7a26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
llVwJxeDHrji5jcgbFdHJAXBMxdqNfa9LOgvYKAlN2y6BFQmDW1SvA==
send
runwaff.com/ Frame 0A99 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=84cb9494c74b11c9c2dbca056fd5c2803&cb=2049371641362007138
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
8b6874e0a5e81da65b57af189d73b5a99af003eb69a872486307de02a87f7a26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
vxxzzusz9VEsv2oKy_YzAxUdKXnGMBuM8UptPofIvNjAdxetDaV_Wg==
sync
runwaff.com/ Frame 291F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1a0c8985ce32a33755c3d97ef8fe86d19&cb=8861991641362007139
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
24fb697da0be2b16388fb4cebaac3f1bfd1ef924bff56e4a22cf52755eb7dc21

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1678
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
bbKEsUcwcZ-zZOuk2KM9Edy2FvisFrsKNs9ZKj8SFaIiPnd9oeKqZA==
sync
runwaff.com/ Frame 40A4 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1957367064e5b26088677bc61fc98dc01&cb=3455941641362007140
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
8b6874e0a5e81da65b57af189d73b5a99af003eb69a872486307de02a87f7a26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
2GdFCO1trFMsA1V-sGibBYfXgrA48G_w6LGPL4UkA9y5DaP6PMdQ2A==
stat
runwaff.com/ Frame A539 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
806cc912d72e22caa84fdd0472a0ee11804e9a58ad489486456a8a0551194d91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1719
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
RpcDeNm1GgyHRsFImTf9lVBTyvRHtZcMaU2FMKegA8Bgy7D3q9MMwg==
user
runwaff.com/ Frame 668E 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=60f0e959e67789b550dbbeaa782904915&cb=8367551641362007141
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
8b6874e0a5e81da65b57af189d73b5a99af003eb69a872486307de02a87f7a26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
iS8-0P92-dxrqQCDzBuBMz14_UXn4VrQRGHSCStDHSgHkI12Fj61IQ==
stat
runwaff.com/ Frame DF75 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=69a1ae274eff659621cc5da174992f8b1&cb=9206771641362007142
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
6ed07947c2ba39356b45c1cb6b84d7a6cd8f1172b0cb7af6e31e838196a994a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1633
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
45lSzxScJiRBVNYuVkpXFIA-EGEJvxvir6Cf0c-4pXL1FJ4hqVkefw==
counter
runwaff.com/ Frame C923 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=c875f76156c3307c45687011d2d8e2cf3&cb=2932131641362007142
Requested by
Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=4699241641362006994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
8b6874e0a5e81da65b57af189d73b5a99af003eb69a872486307de02a87f7a26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Jan 2022 05:53:27 GMT
x-cache
Miss from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
KeDeDgNTX0jIyvz06Od6EhXUA8fazdfL3wCH1tshGCa9KEYKWJKP3g==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=46092920&t=pageview&_s=1&dl=https%3A%2F%2Fww3.read7deadlysins.com%2F&ul=en-us&de=UTF-8&dt=Read%20Nanatsu%20no%20taizai%2F7%20Deadly%20Sins%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1380662669&gjid=1504035090&cid=608927346.1641362007&tid=UA-149279885-2&_gid=489424929.1641362007&_r=1&_slc=1&z=1499406226
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ww3.read7deadlysins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ww3.read7deadlysins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
services.vlitag.com/uv/ 		13 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fww3.read7deadlysins.com%2F&mtk=2044
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=87216b358402869b1c0e66facfc9ae3c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 5 Jan 2022 05:53:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://ww3.read7deadlysins.com
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6c8a7240ed62233d-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
on, 01 Jan 1970 00:00:00 GMT
87216b358402869b1c0e66facfc9ae3c.js
tag.vlitag.com/v1/1641289175/ 		508 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/v1/1641289175/87216b358402869b1c0e66facfc9ae3c.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=87216b358402869b1c0e66facfc9ae3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9eb121455afc217376eb0dd9b4bbfa0ec9be3735e3dffa25685616dd9c2ee56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Jan 2022 09:39:44 GMT
server
cloudflare
age
70485
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6c8a72410a6b01df-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
adx.js
s1.adform.net/banners/scripts/ Frame 7520 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 08:55:54 GMT
server
nginx
etag
W/"612c9d1a-e958"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
prebid_v4_21.js
hb.adpone.com/ Frame 5A05 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=d76c2da8c12daa85f1437d954f94f8847&cb=9868501641362007133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4617
x-amz-request-id
YDWVX0BEPV31AFHY
x-amz-id-2
XHhU5E5pfFztP101ZvZrPRNO7oazPU5PvDc3To2dWmvnue5x24PlAquNj7MFkL+e7bkMAA3GX3c=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRY7VepTptMxJjx2dSrADyVEAIHopdlevVMHkjhwcgmXAyNyZfSNaj0gGtYEQ2bQNgG075gDVWO5UV2h1XtnLWol%2FZaG7ni%2FM2WdKjRE87lXLBHPKvPs3e5m%2BiJgxroJOO9EUSZRsFOfBVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
6c8a7240ff9a776b-LHR
prebid_v4_21.js
hb.adpone.com/ Frame 11B5 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=8fea93fb728874b1628b7aac65a76abf5&cb=5502431641362007132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4617
x-amz-request-id
YDWVX0BEPV31AFHY
x-amz-id-2
XHhU5E5pfFztP101ZvZrPRNO7oazPU5PvDc3To2dWmvnue5x24PlAquNj7MFkL+e7bkMAA3GX3c=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FibWgRyVqQpVJ5HIuLN6sKgvW4kFYYINf3WWNMh8qfo%2BV0FiCxqK1pPB8cZsI2bnJiMNYdcTC5yVqOcvk378GYGSUV1AYbHQc19NUQRPhBdqXRHem0e%2FoV7jsuZVlW1Or5hfKeaVDYatSb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
6c8a72410fa5776b-LHR
pxl.jpg
runwaff.com/ 		597 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://runwaff.com/pxl.jpg?i=u1dvjpo9e55sy80hm5&s=528&p=https%3A%2F%2Fww3.read7deadlysins.com%2F&rstk=https%3A%2F%2Fww3.read7deadlysins.com%2F&h=1081511641362007264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-length
597
x-amz-cf-id
7ld0zRy5MuzrG5P9esPxwqpXFboH5w3TMhGRdW8AZNeDkc2UNie46A==
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=UTF-8
collect
stats.g.doubleclick.net/j/ 		1 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-149279885-2&cid=608927346.1641362007&jid=1380662669&gjid=1504035090&_gid=489424929.1641362007&_u=IEBAAEAAAAAAAC~&z=1656521938
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ww3.read7deadlysins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 05 Jan 2022 05:53:27 GMT
content-type
text/plain
access-control-allow-origin
https://ww3.read7deadlysins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen.js
ads.themoneytizer.com/s/ Frame A539 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Wed, 12 Jan 2022 05:53:19 GMT
requestform.js
ads.themoneytizer.com/s/ Frame A539 		67 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
77aa5767150186e13ec510eb8ff484eba622aa849a7e224721dbbe5723c90efd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 12 Jan 2022 05:53:27 GMT
bidgear.readnaruto.com.842741.js
jsc.adskeeper.co.uk/b/i/ Frame ACC5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.co.uk/b/i/bidgear.readnaruto.com.842741.js
Requested by
Host: platform.bidgear.com
URL: https://platform.bidgear.com/html?domainid=1042&sizeid=16&zoneid=3323&wu=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858405ec3b43c0d8b53e63cd12461d8c70c241153a35993a4e688dd839a7b471

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
age
7062
last-modified
Tue, 14 Dec 2021 11:28:28 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
8VJP6SZR3GMHJ3SW
x-amz-id-2
8CXH59nOK1UEQ2/G+uZO4NkexBgcPaQQgLWUw2qY18m/px0O1PxRXmHponw325N/pgy+9RE1YL8=
cf-bgj
minify
server
cloudflare
etag
W/"0d2c126b854f945a29d1be4e9e2d259d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
6c8a7241ce8a233d-ZRH
expires
Wed, 05 Jan 2022 09:53:27 GMT
rec
imp9.bidgear.com/ Frame ACC5 		599 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imp9.bidgear.com/rec?t=1&z=3323&uuid=94a02efede054471888132fc87de3ac9&p=78&g=DE&token=4a44335432&tbg=1641362007
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpIWIW2kCrJ74ZgoSKGu4%2F%2BO5jJ3eS6Vzn1k7CP1Mw3xI9%2Frv5%2BZN5VnZW9VmgarCQbQydrd7iYzwiAu98k883w7qeoAFUBfGzj%2B9hVU0hukUwgSse9uxrrWJ5VUJGbOE76A980OLsjOTXanNDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
6c8a72419d6d755a-LHR
content-length
599
smart.js
ced.sascdn.com/tag/1743/ Frame 92AB 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1743/smart.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=3191181510d1c5163e53c1097b6d94293&cb=3780511641362007136
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c986b087913f7bdcd01234bba21bef10812d2936d51d5d7d8de8cce6a110d58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
28190
Expires
Wed, 05 Jan 2022 06:08:27 GMT
/
ads.projectagoraservices.com/ Frame 291F 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1a0c8985ce32a33755c3d97ef8fe86d19&cb=8861991641362007139
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3877
expires
Wed, 05 Jan 2022 05:53:27 GMT
bounce
secure.adnxs.com/ Frame DF75
Redirect Chain
  • https://secure.adnxs.com/ttj?id=18287125
  • https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18287125
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18287125
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=69a1ae274eff659621cc5da174992f8b1&cb=9206771641362007142
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1e1d65c2c0c45bc0182cdf1b27d4273808269755b36d4c3b3c50f1503d456c4d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:27 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6062f298-f2f6-48b2-90d9-6073c941f9ec
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:27 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
197e0ccc-64e9-44a4-ae6b-440d1af303c5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18287125
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 40A4 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1957367064e5b26088677bc61fc98dc01&cb=3455941641362007140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4617
x-amz-request-id
YDWVX0BEPV31AFHY
x-amz-id-2
XHhU5E5pfFztP101ZvZrPRNO7oazPU5PvDc3To2dWmvnue5x24PlAquNj7MFkL+e7bkMAA3GX3c=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsK%2F%2F6yQ0ZHcQYbreyOpQgLPM%2BhRh6AFcNYfx%2BvSUFJeNL21WWd4ZhdHcBykMcmSfvsCExkDt%2B%2By4yN%2BtQKZETRGsyXE6KmpaRxme0h4A%2B5vyL2awbI1c7PmsCXGvFwJA5O998O%2BnpJluUI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
6c8a72418851776b-LHR
prebid_v4_21.js
hb.adpone.com/ Frame 3C00 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=59338ab25f27652e7e47e53fbab83cd65&cb=3864951641362007137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4617
x-amz-request-id
YDWVX0BEPV31AFHY
x-amz-id-2
XHhU5E5pfFztP101ZvZrPRNO7oazPU5PvDc3To2dWmvnue5x24PlAquNj7MFkL+e7bkMAA3GX3c=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeSdLJSsryfXjgpgWWxta3rDIwileVzuZ%2BJlXwoZi3tAPntjgiOlCe0GHjlDsfxJBvmXWuueONeSkw3BDojB%2Fj0qT9qYPD5pTdHh8BGlaHl0ktEbDV6I%2F6r%2FAn03W65kXruqV%2F0bQL9AI%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
6c8a7241985b776b-LHR
17210.js
ads.rubiconproject.com/ad/ Frame 8FF3 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/17210.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=c45f858cb8b4b094b8b6229bad96a54e3&cb=5795391641362007135
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:27 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=9427
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Wed, 05 Jan 2022 08:30:34 GMT
prebid_v4_21.js
hb.adpone.com/ Frame FAA2 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=05bcf34b3dc8ef781ff91667b6cbe5da3&cb=5359921641362007137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4617
x-amz-request-id
YDWVX0BEPV31AFHY
x-amz-id-2
XHhU5E5pfFztP101ZvZrPRNO7oazPU5PvDc3To2dWmvnue5x24PlAquNj7MFkL+e7bkMAA3GX3c=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3wob5eotisPj32BtnUCNL0OouP2W741%2BK4RcCKrc25TqIYN%2Bah%2Faa%2FEqJ%2FtZQ0gayZPbwVwF5yTy%2Bs6Rwl2S%2FrAOe57JX5MHT5cnXoNJRnCQjSNXqkGdK%2FtPRJr5oj2lYJ2D4BGDm4yGtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
6c8a7241a86d776b-LHR
prebid_v4_21.js
hb.adpone.com/ Frame BC90 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=9f8bdfdac88cc4de95ab77e8feb3ba165&cb=6424461641362007135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4617
x-amz-request-id
YDWVX0BEPV31AFHY
x-amz-id-2
XHhU5E5pfFztP101ZvZrPRNO7oazPU5PvDc3To2dWmvnue5x24PlAquNj7MFkL+e7bkMAA3GX3c=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRdLfQo6uUsSif1OM5KXZL7bJXQgKtkE5Wp2jTPUUlqjwTZo1C0L4S8ELCnxcsU0kG3I6cxtc5wXdPkeoQF%2Fk271em5pkxeU66xNk%2F%2FK6A1NoI%2BnwgmRsgHUhIO6djfo1mQ58SWixZX7bNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
6c8a7241a875776b-LHR
prebid_v4_21.js
hb.adpone.com/ Frame 0A99 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=84cb9494c74b11c9c2dbca056fd5c2803&cb=2049371641362007138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4617
x-amz-request-id
YDWVX0BEPV31AFHY
x-amz-id-2
XHhU5E5pfFztP101ZvZrPRNO7oazPU5PvDc3To2dWmvnue5x24PlAquNj7MFkL+e7bkMAA3GX3c=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGaQKT2Q99wSrcxa8Yh3d0rL4u0%2BmgNTUgUNwD6GJso4rX3WXUApT9S5UPyegxdL%2Fnrdy7HtFEIhYrHddQgB%2Fg6H9ziD2Hy2uS52KzFqto2A7jPW%2FIoV1wvK6bnyDZS4tvXxyjnpV3qZBvo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
6c8a7241c88f776b-LHR
prebid_v4_21.js
hb.adpone.com/ Frame 668E 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=60f0e959e67789b550dbbeaa782904915&cb=8367551641362007141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4617
x-amz-request-id
YDWVX0BEPV31AFHY
x-amz-id-2
XHhU5E5pfFztP101ZvZrPRNO7oazPU5PvDc3To2dWmvnue5x24PlAquNj7MFkL+e7bkMAA3GX3c=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Cdebr6i7FnpCbR3GLOrSBlNOk6Wt3M1fJBtQoq9wwx7z987tY2kMUZ2VI0fQm89IPpurRqrJcGJDDAK4PEpZD09bNzJj0SdZfPT8QaZ5JY00XMU%2FBsi4N2g4WGuwGM8kAAh4oMik4sdpLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
6c8a7241c892776b-LHR
prebid_v4_21.js
hb.adpone.com/ Frame C923 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=c875f76156c3307c45687011d2d8e2cf3&cb=2932131641362007142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4617
x-amz-request-id
YDWVX0BEPV31AFHY
x-amz-id-2
XHhU5E5pfFztP101ZvZrPRNO7oazPU5PvDc3To2dWmvnue5x24PlAquNj7MFkL+e7bkMAA3GX3c=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuaQ7OkU9LWQW%2FugTGOeQExWMvVGG%2BZp%2FIvWhbNb9tEuBwT9dDhW5DYne2IgdFUYct%2Bd4f2fsRH2MuLZpr%2FkRgTilqokv7quNK3txC5y0A%2B22CiG%2BLizs0H10QyW5T%2FfpIdpiGSAI2unBBs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
6c8a7241d897776b-LHR
/
ads.projectagoraservices.com/ Frame D5EF 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=d76c2da8c12daa85f1437d954f94f8847&cb=9868501641362007133
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3877
expires
Wed, 05 Jan 2022 05:53:27 GMT
cmp-v2.0.1.js
assets.vlitag.com/plugins/cmptcf2/ 		267 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1641289175/87216b358402869b1c0e66facfc9ae3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2361662
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
6c8a72426c5e01df-ZRH
expires
Wed, 08 Dec 2021 22:22:25 GMT
prebid-6.4.0.js
assets.vlitag.com/prebid/default/ 		528 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-6.4.0.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1641289175/87216b358402869b1c0e66facfc9ae3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521245405e1a0702829542841fec26c99b6d817671463ecc31da19c4e67ee4b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
266975
cf-polished
origSize=540432
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 10 Dec 2021 14:14:22 GMT
server
cloudflare
etag
W/"61b360be-83f10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
6c8a72426c5f01df-ZRH
expires
Fri, 10 Dec 2021 14:44:29 GMT
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1641289175/87216b358402869b1c0e66facfc9ae3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fee513eec93d609677cfb4d1f3164562f7d36855b5bf9b380c57b46f08aa3779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27025
x-xss-protection
0
server
sffe
etag
"1092 / 23 of 1000 / last-modified: 1641335921"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Jan 2022 05:53:27 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1641289175/87216b358402869b1c0e66facfc9ae3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126524
x-xss-protection
0
expires
Wed, 05 Jan 2022 05:53:27 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1641289175/87216b358402869b1c0e66facfc9ae3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2250225
cf-ray
6c8a72426c5c01df-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Fri, 10 Dec 2021 05:19:42 GMT
/
ads.projectagoraservices.com/ Frame 2692 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=8fea93fb728874b1628b7aac65a76abf5&cb=5502431641362007132
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3877
expires
Wed, 05 Jan 2022 05:53:27 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame 7FF5 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Jan 2022 05:53:27 GMT
/
g.themoneytizer.net/g/ Frame A539 		26 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:27 GMT
Server
nginx
X-IPLB-Request-ID
B9D59BB0:D77C_91EFC191:01BB_61D53257_7DCF3D1:2DDF
X-IPLB-Instance
29821
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneybile.js
ads.themoneytizer.com/ Frame A539 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
nginx
etag
"604b9fc7-981e"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
16267
expires
Wed, 12 Jan 2022 05:53:07 GMT
pav2_3.25.min.js
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame 291F 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:41:50 GMT
server
UploadServer
etag
"62f6e3ecdac2180be2d034b01fe3c4a5"
vary
Accept-Encoding
x-goog-hash
crc32c=o5m3Cw==, md5=Yvbj7NrCGAvi0DSwH+PEpQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdsbOOkUZColgT3nrtb3bzs-ANwtuQY2ZFipYaYD949E6NpNQX-0AH_1ZzFCOXKhf_ADjsDBD4QnXoLpkbo9ats
content-length
7119
expires
Wed, 05 Jan 2022 10:53:27 GMT
/
c.tmyzer.com/c/ Frame A539 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=54641&f=2&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 05 Jan 2022 05:53:27 GMT
Server
nginx
X-IPLB-Request-ID
B9D59BB0:C8C0_36264064:01BB_61D53257_F33EB01:1CC2A
X-IPLB-Instance
41595
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/ Frame A539 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
302c20b858fb14d0754ea5569f7d3a563dfee7a6db2420454193359bcc9ef3bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
28113
Expires
Wed, 05 Jan 2022 06:08:27 GMT
sync
gum.criteo.com/ Frame A539 		49 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2286
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
mapper.js
spl.zeotap.com/ Frame A539 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
via
1.1 google
cf-cache-status
HIT
age
1145
cf-polished
origSize=62056
content-encoding
br
last-modified
Wed, 05 Jan 2022 05:34:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://deinreisemagazin.de
access-control-allow-credentials
true
cf-ray
6c8a72431caecc42-ZRH
access-control-allow-headers
*
cf-bgj
minify
libJsLP.js
tag.leadplace.fr/ Frame A539 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:27 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
B9D59BB0:ABA8_91EFC0A6:01BB_61D53257_71867756:232FA
ETag
"6167dbf8-15ab"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame A729 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1641362007481
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ Frame A539 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 12 Jan 2022 05:53:27 GMT
px.js
p.cpx.to/p/12763/ Frame A539 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12763/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.129.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1629b100363a97d843eec7359e215550f98a0d3e98406d6d9a08f29a96fc011d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:27 GMT
Cache-Control
max-age=604800, public
Connection
keep-alive
Content-Length
3536
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame A539 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-7.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 22:39:58 GMT
Via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
26014
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
m2au6MMga0f0C7qnZvNX4A02x5EtzssGx1f2UAklSPectPWHt4LeTA==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame A539 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 04:56:51 GMT
Server
Apache
ETag
"da3ade-930b-5d4ce94fecd84"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=511
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Wed, 05 Jan 2022 06:01:58 GMT
prebid.js
ads.themoneytizer.com/moneybid6_3/build/dist/ Frame A539 		600 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid6_3/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=54641&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
bc9a9be89e7b42f47be69ba5ec4ed940c7350b2b236aaf21237829e2ef27ff0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Mon, 20 Dec 2021 14:08:03 GMT
server
nginx
etag
"61c08e43-95f11"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
184015
expires
Wed, 12 Jan 2022 05:53:19 GMT
9.gif
id5-sync.com/i/12/ Frame A539 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.38 , France, ASN16276 (OVH, FR),
Reverse DNS
p16.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:27 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
pav2_3.25.min.js
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame D5EF 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:41:50 GMT
server
UploadServer
etag
"62f6e3ecdac2180be2d034b01fe3c4a5"
vary
Accept-Encoding
x-goog-hash
crc32c=o5m3Cw==, md5=Yvbj7NrCGAvi0DSwH+PEpQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdsbOOkUZColgT3nrtb3bzs-ANwtuQY2ZFipYaYD949E6NpNQX-0AH_1ZzFCOXKhf_ADjsDBD4QnXoLpkbo9ats
content-length
7119
expires
Wed, 05 Jan 2022 10:53:27 GMT
pav2_3.25.min.js
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame 2692 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:41:50 GMT
server
UploadServer
etag
"62f6e3ecdac2180be2d034b01fe3c4a5"
vary
Accept-Encoding
x-goog-hash
crc32c=o5m3Cw==, md5=Yvbj7NrCGAvi0DSwH+PEpQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdsbOOkUZColgT3nrtb3bzs-ANwtuQY2ZFipYaYD949E6NpNQX-0AH_1ZzFCOXKhf_ADjsDBD4QnXoLpkbo9ats
content-length
7119
expires
Wed, 05 Jan 2022 10:53:27 GMT
/
ads.projectagoraservices.com/ Frame AE29 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1957367064e5b26088677bc61fc98dc01&cb=3455941641362007140
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3877
expires
Wed, 05 Jan 2022 05:53:27 GMT
/
ads.projectagoraservices.com/ Frame 8B8B 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=59338ab25f27652e7e47e53fbab83cd65&cb=3864951641362007137
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3877
expires
Wed, 05 Jan 2022 05:53:27 GMT
1537884-15.js
smarttag.rubiconproject.com/a/17210/304582/ Frame 8FF3 		147 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/17210/304582/1537884-15.js?&cb=0.7343508351225907&tk_st=1&rf=https%3A//ww3.read7deadlysins.com/&rp_s=c&p_screen_res=1600x1200&ad_slot=304582_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/17210.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:27 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
147
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ac
www5.smartadserver.com/ Frame 92AB 		22 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1743&siteid=338505&pgid=1185054&fmtid=52941&async=1&visit=m&tmstp=6032856918&tag=sas_52941&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fww3.read7deadlysins.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1743/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
b896afc83022a9cba3d395cdb8f1c09f49df5869b96d9c41af7bfdca6286d005

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b20%3b94
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
bidgear.readnaruto.com.842741.es6.js
jsc.adskeeper.co.uk/b/i/ Frame ACC5 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.co.uk/b/i/bidgear.readnaruto.com.842741.es6.js
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/b/i/bidgear.readnaruto.com.842741.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47e62cd87a7b4759537deee6b477e976f102923ac76a7525d20c13d7cc965a52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
cf-cache-status
HIT
age
915
last-modified
Tue, 14 Dec 2021 11:28:28 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
8VJN0Q6S8A2G07FS
x-amz-id-2
KxbK2Ky/HMGjH1Nes9Q/VMahzuo1b6Lji2vVf01d+cC46y5b5fM3L13BDVs68w0JjNLVmRpyp9Q=
cf-bgj
minify
server
cloudflare
etag
W/"1c2dd054d3d26c1de755f1a3de50314c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
6c8a72431d082397-ZRH
expires
Wed, 05 Jan 2022 09:53:27 GMT
/
ads.projectagoraservices.com/ Frame 6385 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=05bcf34b3dc8ef781ff91667b6cbe5da3&cb=5359921641362007137
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3877
expires
Wed, 05 Jan 2022 05:53:27 GMT
/
ads.projectagoraservices.com/ Frame BD57 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=60f0e959e67789b550dbbeaa782904915&cb=8367551641362007141
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3877
expires
Wed, 05 Jan 2022 05:53:27 GMT
/
ads.projectagoraservices.com/ Frame 76DC 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=c875f76156c3307c45687011d2d8e2cf3&cb=2932131641362007142
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3877
expires
Wed, 05 Jan 2022 05:53:27 GMT
/
ads.projectagoraservices.com/ Frame C6D3 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=9f8bdfdac88cc4de95ab77e8feb3ba165&cb=6424461641362007135
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3877
expires
Wed, 05 Jan 2022 05:53:27 GMT
/
ads.projectagoraservices.com/ Frame 8A1D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=84cb9494c74b11c9c2dbca056fd5c2803&cb=2049371641362007138
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3877
expires
Wed, 05 Jan 2022 05:53:27 GMT
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9600:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be3e6ce4107dfe75c6ed8d87f06761d7b4c19db8ecab97a36a5b67c4eb4f8fb5

Request headers

Accept
application/json, text/plain, */*
Referer
https://ww3.read7deadlysins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 03:00:37 GMT
content-encoding
br
age
10371
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 19:52:29 GMT
server
AmazonS3
etag
W/"fe8c8b5e209e644733d0f8409ab6b3e6"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
zCrQHiuNw31hrghkNyGCtDjPASEg7Q_.
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
content-type
application/json
x-amz-cf-id
J61vsl9xcWcozrxZdSM2GCnwhbUFQh_w6eUD7KZzSGZCtCeLbir9sw==
sync
gum.criteo.com/ Frame DF75 		51 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18287125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1398
strict-transport-security
max-age=31536000; preload;
content-length
169
expires
60
ttj
secure.adnxs.com/ Frame DF75 		0
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?ttjb=1&bdc=1641362007&bdh=EqC_hT206-iNRIFbKsqbQnOHF9E.&&bdref=https%3A%2F%2Fww3.read7deadlysins.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fww3.read7deadlysins.com%2F,https%3A%2F%2Frunwaff.com%2Fstat%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D69a1ae274eff659621cc5da174992f8b1%26cb%3D9206771641362007142&&id=18287125
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18287125
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:27 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f4dd96c7-424e-4148-bc47-ba17a4f87fcc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pav2_3.25.min.js
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame AE29 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:41:50 GMT
server
UploadServer
etag
"62f6e3ecdac2180be2d034b01fe3c4a5"
vary
Accept-Encoding
x-goog-hash
crc32c=o5m3Cw==, md5=Yvbj7NrCGAvi0DSwH+PEpQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdsbOOkUZColgT3nrtb3bzs-ANwtuQY2ZFipYaYD949E6NpNQX-0AH_1ZzFCOXKhf_ADjsDBD4QnXoLpkbo9ats
content-length
7119
expires
Wed, 05 Jan 2022 10:53:27 GMT
pav2_3.25.min.js
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame 8B8B 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:41:50 GMT
server
UploadServer
etag
"62f6e3ecdac2180be2d034b01fe3c4a5"
vary
Accept-Encoding
x-goog-hash
crc32c=o5m3Cw==, md5=Yvbj7NrCGAvi0DSwH+PEpQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdsbOOkUZColgT3nrtb3bzs-ANwtuQY2ZFipYaYD949E6NpNQX-0AH_1ZzFCOXKhf_ADjsDBD4QnXoLpkbo9ats
content-length
7119
expires
Wed, 05 Jan 2022 10:53:27 GMT
pav2_3.25.min.js
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame 6385 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:41:50 GMT
server
UploadServer
etag
"62f6e3ecdac2180be2d034b01fe3c4a5"
vary
Accept-Encoding
x-goog-hash
crc32c=o5m3Cw==, md5=Yvbj7NrCGAvi0DSwH+PEpQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdsbOOkUZColgT3nrtb3bzs-ANwtuQY2ZFipYaYD949E6NpNQX-0AH_1ZzFCOXKhf_ADjsDBD4QnXoLpkbo9ats
content-length
7119
expires
Wed, 05 Jan 2022 10:53:27 GMT
pav2_3.25.min.js
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame BD57 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:41:50 GMT
server
UploadServer
etag
"62f6e3ecdac2180be2d034b01fe3c4a5"
vary
Accept-Encoding
x-goog-hash
crc32c=o5m3Cw==, md5=Yvbj7NrCGAvi0DSwH+PEpQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdsbOOkUZColgT3nrtb3bzs-ANwtuQY2ZFipYaYD949E6NpNQX-0AH_1ZzFCOXKhf_ADjsDBD4QnXoLpkbo9ats
content-length
7119
expires
Wed, 05 Jan 2022 10:53:27 GMT
pav2_3.25.min.js
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame 76DC 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:41:50 GMT
server
UploadServer
etag
"62f6e3ecdac2180be2d034b01fe3c4a5"
vary
Accept-Encoding
x-goog-hash
crc32c=o5m3Cw==, md5=Yvbj7NrCGAvi0DSwH+PEpQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdsbOOkUZColgT3nrtb3bzs-ANwtuQY2ZFipYaYD949E6NpNQX-0AH_1ZzFCOXKhf_ADjsDBD4QnXoLpkbo9ats
content-length
7119
expires
Wed, 05 Jan 2022 10:53:27 GMT
pav2_3.25.min.js
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame C6D3 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:41:50 GMT
server
UploadServer
etag
"62f6e3ecdac2180be2d034b01fe3c4a5"
vary
Accept-Encoding
x-goog-hash
crc32c=o5m3Cw==, md5=Yvbj7NrCGAvi0DSwH+PEpQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdsbOOkUZColgT3nrtb3bzs-ANwtuQY2ZFipYaYD949E6NpNQX-0AH_1ZzFCOXKhf_ADjsDBD4QnXoLpkbo9ats
content-length
7119
expires
Wed, 05 Jan 2022 10:53:27 GMT
/
adx.adform.net/adx/ Frame 7520
Redirect Chain
  • https://adx.adform.net/adx/?rp=3&bWlkPTc1NTc2MyZybmQ9cnRkbWdtZHNjYnl4bGRybndxMHY&url=https%3A%2F%2Fww3.read7deadlysins.com&callback=_adform_cb_1641362007632_7287018468328268
  • https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTc1NTc2MyZybmQ9cnRkbWdtZHNjYnl4bGRybndxMHY&url=https%3A%2F%2Fww3.read7deadlysins.com&callback=_adform_cb_1641362007632_7287018468328268
942 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTc1NTc2MyZybmQ9cnRkbWdtZHNjYnl4bGRybndxMHY&url=https%3A%2F%2Fww3.read7deadlysins.com&callback=_adform_cb_1641362007632_7287018468328268
Protocol
H2
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
58434ee2385ecd03efc08d02d7ffb3bdc8044924e3041c87e65fb33106ecad19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTc1NTc2MyZybmQ9cnRkbWdtZHNjYnl4bGRybndxMHY&url=https%3A%2F%2Fww3.read7deadlysins.com&callback=_adform_cb_1641362007632_7287018468328268
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pav2_3.25.min.js
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame 8A1D 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6772&uref=https%3A%2F%2Fww3.read7deadlysins.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:41:50 GMT
server
UploadServer
etag
"62f6e3ecdac2180be2d034b01fe3c4a5"
vary
Accept-Encoding
x-goog-hash
crc32c=o5m3Cw==, md5=Yvbj7NrCGAvi0DSwH+PEpQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdsbOOkUZColgT3nrtb3bzs-ANwtuQY2ZFipYaYD949E6NpNQX-0AH_1ZzFCOXKhf_ADjsDBD4QnXoLpkbo9ats
content-length
7119
expires
Wed, 05 Jan 2022 10:53:27 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame A539 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:00:36 GMT
content-encoding
gzip
age
3172
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
mrQ2kXd1KXdks2R1Gy6rgDrf_FXi_dm082DTpAME1xEjz3xmbAVTEA==
rid
match.adsrvr.org/track/ Frame A539 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
11308a7fbf32aa690501309753578bd45c17f9dee1dd2cfae7c08daa3c9c0589

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://runwaff.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 04 Feb 2022 05:53:27 GMT
identity
api.rlcdn.com/api/ Frame A539 		44 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://runwaff.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Jan 2022 05:53:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		203 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ww3.read7deadlysins.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7bf9f395cfe5abb43422754de761e9a7093d19987ac15d083470a0ff2e803b51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136
x-xss-protection
0
expires
Wed, 05 Jan 2022 05:53:27 GMT
prebid.3-25.js
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame 291F 		353 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:19:53 GMT
server
UploadServer
etag
"e7cbe25a75f248ede95db448fca1afce"
vary
Accept-Encoding
x-goog-hash
crc32c=XqeZlQ==, md5=58viWnXySO3pXbRI/KGvzg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdssyP20d2sidEGiBcjRlBI47IVaAB6gYOi8gSvQs3dV4CpWYGV1nTW83pJXhZnL7ieuOmwGyanBrF72Cb-omQwReOYwnQ
expires
Wed, 05 Jan 2022 10:53:27 GMT
prebid.3-25.js
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame D5EF 		353 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:19:53 GMT
server
UploadServer
etag
"e7cbe25a75f248ede95db448fca1afce"
vary
Accept-Encoding
x-goog-hash
crc32c=XqeZlQ==, md5=58viWnXySO3pXbRI/KGvzg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdssyP20d2sidEGiBcjRlBI47IVaAB6gYOi8gSvQs3dV4CpWYGV1nTW83pJXhZnL7ieuOmwGyanBrF72Cb-omQwReOYwnQ
expires
Wed, 05 Jan 2022 10:53:27 GMT
prebid.3-25.js
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame 2692 		353 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:19:53 GMT
server
UploadServer
etag
"e7cbe25a75f248ede95db448fca1afce"
vary
Accept-Encoding
x-goog-hash
crc32c=XqeZlQ==, md5=58viWnXySO3pXbRI/KGvzg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdssyP20d2sidEGiBcjRlBI47IVaAB6gYOi8gSvQs3dV4CpWYGV1nTW83pJXhZnL7ieuOmwGyanBrF72Cb-omQwReOYwnQ
expires
Wed, 05 Jan 2022 10:53:27 GMT
102.json
id5-sync.com/g/v2/ Frame A539 		212 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.38 , France, ASN16276 (OVH, FR),
Reverse DNS
p16.id5-sync.com
Software
/
Resource Hash
b458ea58a0ce58780b9774f89b60e97cd5c5310a77e99074c2d05386a21cccd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://runwaff.com
Date
Wed, 05 Jan 2022 05:53:27 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame A539 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 04:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
436450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 31 Dec 2022 04:39:17 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220105
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d2426eb8fffb1bfb85f036fb55a581702dcfb090a39ecd33ca151fb5801fee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ww3.read7deadlysins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10349
x-jsd-version
1.0.1212
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19167-FRA, cache-lin2290025-LIN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69d-dOiAJ1zW0AzsTjraz8+m43c3XcE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6c8a7244de3d01f8-ZRH
1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2388721
cf-polished
degrade=85, origSize=227959, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
196267
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:11 GMT
server
cloudflare
etag
"5dc1820f-37a77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 08 Dec 2021 14:51:26 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6c8a7244ea43233d-ZRH
cf-bgj
imgq:85,h2pri
prebid.3-25.js
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame AE29 		353 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:19:53 GMT
server
UploadServer
etag
"e7cbe25a75f248ede95db448fca1afce"
vary
Accept-Encoding
x-goog-hash
crc32c=XqeZlQ==, md5=58viWnXySO3pXbRI/KGvzg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdssyP20d2sidEGiBcjRlBI47IVaAB6gYOi8gSvQs3dV4CpWYGV1nTW83pJXhZnL7ieuOmwGyanBrF72Cb-omQwReOYwnQ
expires
Wed, 05 Jan 2022 10:53:27 GMT
fire.js
s.cpx.to/ Frame A539 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fww3.read7deadlysins.com%2F&url=https%3A%2F%2Frunwaff.com%2Fstat%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D05ce0684c5396c5bd68c434103884dbb3%26cb%3D3233571641362007140&hn_ver=38&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.18.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-18-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
dc453e164cf3d90394f34101009154927c343ebb6a4d0e10e09532c661911f2f
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 05 Jan 2022 05:53:27 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
1157
Expires
Mon, 06 Dec 2021 16:27:42 UTC
prebid.3-25.js
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame 8B8B 		353 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:19:53 GMT
server
UploadServer
etag
"e7cbe25a75f248ede95db448fca1afce"
vary
Accept-Encoding
x-goog-hash
crc32c=XqeZlQ==, md5=58viWnXySO3pXbRI/KGvzg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdssyP20d2sidEGiBcjRlBI47IVaAB6gYOi8gSvQs3dV4CpWYGV1nTW83pJXhZnL7ieuOmwGyanBrF72Cb-omQwReOYwnQ
expires
Wed, 05 Jan 2022 10:53:27 GMT
1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 8FF3 		156 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=c45f858cb8b4b094b8b6229bad96a54e3&cb=5795391641362007135
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Oct 2019 16:53:58 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
155
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		300 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71f7fe1803045ec43e8d89fdd9c066b6a06839054fdfb283f8c3ab787c161b46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 03:00:35 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
10373
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 Jan 2022 03:00:32 GMT
server
AmazonS3
etag
W/"d5cbaa519f66b127971ac9daa6c13c68"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
JBhz8Xwh61gab_RxxZVMI0B4bDVCUSWMdgynItKBIEfh97pjocAWfQ==
prebid.3-25.js
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame BD57 		353 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:19:53 GMT
server
UploadServer
etag
"e7cbe25a75f248ede95db448fca1afce"
vary
Accept-Encoding
x-goog-hash
crc32c=XqeZlQ==, md5=58viWnXySO3pXbRI/KGvzg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdssyP20d2sidEGiBcjRlBI47IVaAB6gYOi8gSvQs3dV4CpWYGV1nTW83pJXhZnL7ieuOmwGyanBrF72Cb-omQwReOYwnQ
expires
Wed, 05 Jan 2022 10:53:27 GMT
prebid.3-25.js
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame 6385 		353 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:19:53 GMT
server
UploadServer
etag
"e7cbe25a75f248ede95db448fca1afce"
vary
Accept-Encoding
x-goog-hash
crc32c=XqeZlQ==, md5=58viWnXySO3pXbRI/KGvzg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdssyP20d2sidEGiBcjRlBI47IVaAB6gYOi8gSvQs3dV4CpWYGV1nTW83pJXhZnL7ieuOmwGyanBrF72Cb-omQwReOYwnQ
expires
Wed, 05 Jan 2022 10:53:27 GMT
prebid.3-25.js
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame C6D3 		353 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:19:53 GMT
server
UploadServer
etag
"e7cbe25a75f248ede95db448fca1afce"
vary
Accept-Encoding
x-goog-hash
crc32c=XqeZlQ==, md5=58viWnXySO3pXbRI/KGvzg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdssyP20d2sidEGiBcjRlBI47IVaAB6gYOi8gSvQs3dV4CpWYGV1nTW83pJXhZnL7ieuOmwGyanBrF72Cb-omQwReOYwnQ
expires
Wed, 05 Jan 2022 10:53:27 GMT
prebid.3-25.js
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame 76DC 		353 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:19:53 GMT
server
UploadServer
etag
"e7cbe25a75f248ede95db448fca1afce"
vary
Accept-Encoding
x-goog-hash
crc32c=XqeZlQ==, md5=58viWnXySO3pXbRI/KGvzg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdssyP20d2sidEGiBcjRlBI47IVaAB6gYOi8gSvQs3dV4CpWYGV1nTW83pJXhZnL7ieuOmwGyanBrF72Cb-omQwReOYwnQ
expires
Wed, 05 Jan 2022 10:53:27 GMT
prebid.3-25.js
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame 8A1D 		353 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 08:19:53 GMT
server
UploadServer
etag
"e7cbe25a75f248ede95db448fca1afce"
vary
Accept-Encoding
x-goog-hash
crc32c=XqeZlQ==, md5=58viWnXySO3pXbRI/KGvzg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdssyP20d2sidEGiBcjRlBI47IVaAB6gYOi8gSvQs3dV4CpWYGV1nTW83pJXhZnL7ieuOmwGyanBrF72Cb-omQwReOYwnQ
expires
Wed, 05 Jan 2022 10:53:27 GMT
pixel;r=1974485282;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Frunwaff.com%2Fstat%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D05ce0684c5396c5bd68c434103884dbb3%26cb%3D3233571...
pixel.quantserve.com/ Frame A539 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1974485282;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Frunwaff.com%2Fstat%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D05ce0684c5396c5bd68c434103884dbb3%26cb%3D3233571641362007140;ref=https%3A%2F%2Fww3.read7deadlysins.com%2F;uht=2;fpan=1;fpa=P0-1672648712-1641362007893;pbc=;ns=1;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;d=runwaff.com;je=0;sr=1600x1200x24;dst=0;et=1641362007893;tzo=0;ogl=
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
headerstats
as-sec.casalemedia.com/ Frame A539 		0
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fww3.read7deadlysins.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:27 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.176], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://runwaff.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Wed, 05 Jan 2022 05:53:27 GMT
/
adx.adform.net/adx/ Frame 291F 		5 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc2MzQ4NSZ0cmFuc2FjdGlvbklkPTNhMGE3MDFmLTNkYWMtNDI2Yi04ZWQwLTg4MjhiMWFhZjY2ZA%3D%3D&pt=gross&stid=357abc0a-e395-4c74-be97-e029ae71f69c&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 291F 		19 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c44728f3-3276-4971-a01a-530d57a2cb11
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 291F 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
9c698a961e1a00fade296db2dd5e51b28e9dfc3466920931ad73934681f23f6f

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b3%3b76
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
/
adx.adform.net/adx/ Frame 2692 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc2MzQ4NSZ0cmFuc2FjdGlvbklkPTFiY2ZjZTA0LTc0OWEtNDk4NS05Mzc0LTRkMDYzN2ViYTRhZA%3D%3D&pt=gross&stid=d1c21cfc-ed9e-4783-a523-f4b76c39c691&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
00647b104e368f4eff55f5b39a340255994cbdfcab65f35228d7f680389ea02a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 2692 		19 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7752805c-5d62-4163-a809-cf626f1a9ffa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 2692 		823 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
ae9108e39c2e1d253423f6beb4942d1504c243d53cd9bda1624f20ca272d8d45

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b18%3b66
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
/
adx.adform.net/adx/ Frame D5EF 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc2MzQ4NSZ0cmFuc2FjdGlvbklkPTVjM2JhNTZiLTUyN2YtNDc2ZC1iNGM4LTQ2OTJiY2ZkZWJkZg%3D%3D&pt=gross&stid=fc610b62-1683-466d-8291-3ddcab229929&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b0de22d4f5a7af6092510a77bb6ec95afe5f374c7131ed4bc85e5341784653ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame D5EF 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
ae6454b3f29fd9e1f98462d39bc2f02c1724e209cc498f7efdb5a681541a7be7

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b25%3b42
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/ Frame D5EF 		19 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c05a5161-83b9-4206-86b3-efd8cf1b5f6a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/23/ 		469 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 18:08:08 GMT
content-encoding
br
age
42321
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:43 GMT
server
AmazonS3
etag
W/"b999c652510fc4edd897a1d667aaee33"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Eu4xJFghc4SpShfcX3U1Dftj9LTeAavK_CaXfda65HfExwegcN-flg==
17210.js
ads.rubiconproject.com/ad/ Frame AB6D 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/17210.js
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:28 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=9426
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Wed, 05 Jan 2022 08:30:34 GMT
sync
s.cpx.to/ Frame A539
Redirect Chain
  • https://token.rubiconproject.com/token?pid=34010&puid=177d0aeaf7f7ca9&gdpr=0
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=KY14K6LS-P-2CO0&customParamenters={p:customParamenters}&gdpr=0
95 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=KY14K6LS-P-2CO0&customParamenters={p:customParamenters}&gdpr=0
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
HTTP/1.1
Server
34.249.18.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-18-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 05 Jan 2022 05:53:28 UTC

Redirect headers

Location
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=KY14K6LS-P-2CO0&customParamenters={p:customParamenters}&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/ Frame A539
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddaec58cd-bc0a-41c5-b9c4-fc8037a200e2
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddaec58cd-bc0a-41c5-b9c4-fc8037a200e2
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9853198D-69D3-46C1-9A1C-00A0024EB908&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2
95 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9853198D-69D3-46C1-9A1C-00A0024EB908&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
HTTP/1.1
Server
34.249.18.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-18-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 05 Jan 2022 05:53:28 UTC

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9853198D-69D3-46C1-9A1C-00A0024EB908&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2
date
Wed, 05 Jan 2022 05:53:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ca.png
s.cpx.to/ Frame A539
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2&google_tc=
  • https://s.cpx.to/ca.png?dsp=dbm&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2&google_gid=CAESEJ2sSk4-kpcibzqWh6ryoI8&google_cver=1
95 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2&google_gid=CAESEJ2sSk4-kpcibzqWh6ryoI8&google_cver=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
HTTP/1.1
Server
34.249.18.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-18-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2&google_gid=CAESEJ2sSk4-kpcibzqWh6ryoI8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame A539
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Ddaec58cd-bc0a-41c5-b9c4-fc8037a200e2&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2&gdpr=0&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2&gdpr=0&cklb=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
HTTP/1.1
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2&gdpr=0&cklb=1
pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
s.cpx.to/ Frame A539
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=92e69f55-1916-4f34-9082-365b54ecbd05&dsp=TTD
95 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=92e69f55-1916-4f34-9082-365b54ecbd05&dsp=TTD
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
HTTP/1.1
Server
34.249.18.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-18-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 05 Jan 2022 05:53:28 UTC

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=92e69f55-1916-4f34-9082-365b54ecbd05&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
an_fire
s.cpx.to/ Frame A539
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fww3.read7deadlysins.com%252F%26url%3Dhttps%253A%252F%252Frunwaff....
  • https://s.cpx.to/an_fire?app_nexus_uid=4294195725904454246&pid=12763&ref=https%3A%2F%2Fww3.read7deadlysins.com%2F&url=https%3A%2F%2Frunwaff.com%2Fstat%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D05ce0684c5396c5...
95 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=4294195725904454246&pid=12763&ref=https%3A%2F%2Fww3.read7deadlysins.com%2F&url=https%3A%2F%2Frunwaff.com%2Fstat%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D05ce0684c5396c5bd68c434103884dbb3%26cb%3D3233571641362007140&hn_ver=38&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
HTTP/1.1
Server
34.249.18.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-18-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 05 Jan 2022 05:53:28 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2b63efa9-4070-4638-9402-3e1f2b9f81de
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=4294195725904454246&pid=12763&ref=https%3A%2F%2Fww3.read7deadlysins.com%2F&url=https%3A%2F%2Frunwaff.com%2Fstat%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D05ce0684c5396c5bd68c434103884dbb3%26cb%3D3233571641362007140&hn_ver=38&fid=daec58cd-bc0a-41c5-b9c4-fc8037a200e2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
pool.grid-data.bidswitch.net/ Frame A539 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: runwaff.com
URL: https://runwaff.com/stat?i=u1dvjpo9e55sy80hm5&a=05ce0684c5396c5bd68c434103884dbb3&cb=3233571641362007140
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.165.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-165-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
adx.adform.net/adx/ Frame AE29 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc2MzQ4NSZ0cmFuc2FjdGlvbklkPTBiNjgwMjQ3LWY1MTAtNDc4OS1hNjJlLTI0ZDVkNWNkNjkwZA%3D%3D&pt=gross&stid=1152d899-b644-459f-a47e-5c262825e9d3&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
9ae4942e6a4f7f1ba65fffb07b324698dc6b42c0274721a4bc054d99e23f341b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame AE29 		19 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
352c6ace-072f-4be7-a07a-3941aef9c72f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame AE29 		929 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
f4bcefdd16faa59b3fe92bf8ef1e0e5b796e38e051f150b7158f6aa6cf1e602a

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b19%3b51
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
/
adx.adform.net/adx/ Frame 8B8B 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc2MzQ4NSZ0cmFuc2FjdGlvbklkPWIxNDM2NDVhLWEwY2UtNGRlYy1hMjdjLTY3YmRiNTVhMTc3Zg%3D%3D&pt=gross&stid=47a1d78a-970b-44e5-9a78-c35473e565e6&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
300bd11a164fea262e89187c26b741faa110208fffbf2d676ad867826c32e761
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 8B8B 		19 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2f086cf1-8a29-4303-92a1-ddb8b9d2c2d6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 8B8B 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
cc74414927af7e53ee6a77a895eb9159173a7a625d5a6ec9da8d079d17d99f15

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b6%3b44
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/ Frame BD57 		19 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d4eb038d-a74b-49fb-85d7-30addf7a7d8e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame BD57 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc2MzQ4NSZ0cmFuc2FjdGlvbklkPTljYmM5N2M2LThjZmItNDg4Zi05YzAzLTY3NTc2NzNkZGIwNA%3D%3D&pt=gross&stid=1cab761f-ad16-48b3-bea8-02032ccf2805&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
90588a36345ab4c4115c97af4f7420ffbe1b473538276d1d230058ea62017ed3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame BD57 		997 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d8f8c7c999b1cde3d2db64e691feb129b2fe2a7c37119a449d7709af22475de

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b16%3b81
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ Frame 6385 		938 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
af6bce541d4146ed87245609dce363580e0eef7bd4cb13a3b9fff37aa5133053

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b1%3b62
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/ Frame 6385 		19 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d691dd25-dc3d-4f62-9e44-8cff86b945de
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 6385 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc2MzQ4NSZ0cmFuc2FjdGlvbklkPTZiNWJjNzU2LWI0OTItNDg3My04NTJiLTRjODJkZmYzOWVjMg%3D%3D&pt=gross&stid=47cbf23b-e12b-4870-a186-acf96a212d4e&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
5bb38b4b989da09485c17120c88a1f5f6968207241825da70d86cf7105587110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ Frame C6D3 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc2MzQ4NSZ0cmFuc2FjdGlvbklkPTVlMDMwNjQ5LWE0YzMtNGM2NC05OWNkLTk2YjhhYzY4OTJmYQ%3D%3D&pt=gross&stid=b533d2a2-e4c9-4146-abe6-7a7b0ff2c7a4&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8d639e437428e499700a0c263759f1df078df377157d51361041a9e68e5c3614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame C6D3 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
294e5e2f8718e1514753e8642bfda1d2485cd1652d9435c42a3fb561746192a4

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b24%3b42
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/ Frame C6D3 		19 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
97c43f66-a95f-4958-bb1f-2591c5f74bb9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 76DC 		19 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f0811061-3a32-4f87-91b8-22075bc36f72
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 76DC 		969 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
678a1bd718e7cbfeebe8ce443eae556b2313fb46ec09b8d1d1d1d172b763af16

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b1%3b99
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
/
adx.adform.net/adx/ Frame 76DC 		5 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc2MzQ4NSZ0cmFuc2FjdGlvbklkPTliZGFiYzFkLThhMjUtNGJmOS05OTJkLTQxZmY2MDk0NzI1Zg%3D%3D&pt=gross&stid=f33b098c-7856-42b0-b309-26d338aa0a3e&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 8A1D 		644 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
1b75f4dca05a6e106b9c3859917739953540e1d3bad059e8cab21982fcb4c155

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b8%3b78
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/ Frame 8A1D 		19 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
35a70fed-04a5-43f0-8474-fdf5800102eb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 8A1D 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc2MzQ4NSZ0cmFuc2FjdGlvbklkPWVhMDc1MTBmLTRhNjctNDliOC04YTRiLTI5ZjY0NjAxNDc2NA%3D%3D&pt=gross&stid=6a3d7bcd-2b49-4a01-ba67-496e464afd5c&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
1f242371e1e3399be4bbbfa4ea4ecc4477ca8ebff1c5f6a7155aa7347eaf3a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
loader.js
cdn.taboola.com/libtrc/read7deadlysins300x250gr-r18292685/ Frame 972E 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/read7deadlysins300x250gr-r18292685/loader.js
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd981c2f116a7bc868c99248cba9c86fdf48401f8dfc6880c3be636dffb7063e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
2.jikXj0IF0Kjzc_WFh0K9qugkFgcROV
content-encoding
gzip
etag
"93c5c5bfbc2b00d6cd2624556019f893"
age
0
x-cache
HIT
content-length
18195
x-amz-id-2
egjRPfU3bgAUUgztQDznaZYmUsYWjBeFUj1FMBE+YwEftOSiLJhDvEmZzg/2/tULNQzCVB9Fykw=
x-served-by
cache-hhn4071-HHN
last-modified
Tue, 09 Jun 2020 01:11:17 GMT
server
AmazonS3
x-timer
S1641362008.143822,VS0,VE113
date
Wed, 05 Jan 2022 05:53:28 GMT
vary
Accept-Encoding
x-amz-request-id
37PTRWSDX3627V9G
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
82
x-cache-hits
1
/
projectagora-483829-hdb.adomik.com/ Frame 291F 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMzU3YWJjMGEtZTM5NS00Yzc0LWJlOTctZTAyOWFlNzFmNjljIiwiaG9zdG5hbWUiOiJydW53YWZmLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwic2l6ZXMiOlt7IndpZHRoIjowLCJoZWlnaHQiOjB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJpZCI6Ijc4YzYyZjBhYWEyNDYzIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjE0NywiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJpZCI6Ijc4YzYyZjBhYWEyNDYzIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjE0NywiYWZ0ZXJUaW1lb3V0IjpmYWxzZX1dLCJ3aW5uZXJzIjpbXX19XX0%3D&id=357abc0a-e395-4c74-be97-e029ae71f69c&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
track.adform.net/adfscript/ Frame 3194 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=29848506;rtbwp=6i-gTd0CRl_NbdXuAN-eSuhoFNM0duIs0;rtbdata=eIaUb2LkWH3N4wLcu-mhYLgp1kTxJrlssi9jaAo6DEPgcuZ5JxJk67Kp2roO6C5QYiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8in3Y1mYYrgcf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h1dLGKgqE2dTjzXwoo_5AOWDgW8xC4iSGv--J9fBrWOIPYINfYS2gbIUrgTfZ5YbBDSMVhztckDLdj3ABadpNQ0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=kUE0gydNGo0qHMLsI0XOHfszOevCoUmbrHCuXkiZeM4a62CBBDm805T7WXJg35mTxt71AOlDcCMQLzGSJvWRmeQZqdjold7QTERL-suXRRXTtzvLaQ0rS3K0F6vhOHP1YiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8edZr-qLRqiTsGFti06wXV5igWY-fFyQB6_wI2rX1zuvHvlcc_rY9Kt64QP1LhUcZxaMB7E3Is5U1;pui=CQ8Cld2Xq9z1pVvqnbyA-yadHRxoNWziw_25nsNlC37er1pltXZUmg2;
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
23d9eb3afd96cbc3901d951d94f1bcfe4cb35e98c065e7724b7db9885b5aa52b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1296
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 3194 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 08:55:54 GMT
server
nginx
etag
W/"612c9d1a-e958"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
pixel
cm.adform.net/ Frame 3194
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform
  • https://px.adhigh.net/p/cm/bsw?u=d93303c2-dfbd-4077-a069-08acb99e81b4&bidswitch_ssp_id=adform
  • https://px.adhigh.net/p/cm/bsw?u=d93303c2-dfbd-4077-a069-08acb99e81b4&bidswitch_ssp_id=adform&bounced=1
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=uLpbnBI6o6FV.AikABlF-KMypng&expires=30&ssp=adform
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=8fea93fb728874b1628b7aac65a76abf5&cb=5502431641362007132
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
//cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Date
Wed, 05 Jan 2022 05:53:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.adform.net/ Frame 3194
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=8fea93fb728874b1628b7aac65a76abf5&cb=5502431641362007132
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
240c3640-4d02-46f1-867e-86984f64a321
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame 3194
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=4f2972d8-becd-4cc0-816e-6b5fa8ebcf6a
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=4f2972d8-becd-4cc0-816e-6b5fa8ebcf6a
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=8fea93fb728874b1628b7aac65a76abf5&cb=5502431641362007132
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=4f2972d8-becd-4cc0-816e-6b5fa8ebcf6a
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
projectagora-483829-hdb.adomik.com/ Frame 2692 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZDFjMjFjZmMtZWQ5ZS00NzgzLWE1MjMtZjRiNzZjMzljNjkxIiwiaG9zdG5hbWUiOiJydW53YWZmLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwic2l6ZXMiOlt7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfSx7IndpZHRoIjowLCJoZWlnaHQiOjB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiNzZjZmVjZThjOTljMDkiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4wODkwMDAwMDAwMDAwMDAwMiwic2l6ZSI6eyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0sInRpbWVUb1Jlc3BvbmQiOjEyMSwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiNzZjZmVjZThjOTljMDkiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4wODkwMDAwMDAwMDAwMDAwMiwic2l6ZSI6eyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0sInRpbWVUb1Jlc3BvbmQiOjEyMSwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJpZCI6Ijg1YmEyNDc1MTJkMzUzIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjE0OCwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX1dLCJ3aW5uZXJzIjpbXX19XX0%3D&id=d1c21cfc-ed9e-4783-a523-f4b76c39c691&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
projectagora-483829-hdb.adomik.com/ Frame 2692 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6Ijc2Y2ZlY2U4Yzk5YzA5IiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAifQ%3D%3D&id=d1c21cfc-ed9e-4783-a523-f4b76c39c691&won=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
notifyme.php
adtrack.adleadevent.com/ Frame A539 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.188.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-188-133.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://runwaff.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
track.adform.net/adfscript/ Frame 9030 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=46016408;rtbwp=_1GWNEh9ei5mZQIeozaLU60WvdyprACV0;rtbdata=OS-8pJ27cx0WgqrA_STPLyiDO35psc3XPCecQNkDNG3itEDe_q0hDNZoOBUBnOpYe5sfN63X0TjYLcajdAV4UbtD8o44SJMTpJYSvysFFqQf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5iVCAMkSs4xOyWRzRYEgE2uOPrlth6P6armiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=DJpz_uRRh8V42u1ywTJ-2quDWUnT6fr_fiNMafvSA2A3_QvwpezOn5DzZ4xMx-m2huuso-CINz2_WlveaTmAp2I_2HtB8IE_N6mbb00j41qYBirSxcubzQFMirXwUx5DxjAMvfKFxlV0xWzavoWC8SAdGESHbPwmL3iadT8Wn-hmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyR77vrXzyh3jA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-2HB7qdyzBKJ8jNvcRCqvx_er1pltXZUmg2;
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
7dd91c54d24510f6f3210d4b594f2d5ec926b44587ab80e6be2e08b579ceda37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1329
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 9030 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 08:55:54 GMT
server
nginx
etag
W/"612c9d1a-e958"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
pixel
cm.adform.net/ Frame 9030
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adform&ssp_user_id=d93303c2-dfbd-4077-a069-08acb99e81b4
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171315486&expires=5&ssp=adform
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=d76c2da8c12daa85f1437d954f94f8847&cb=9868501641362007133
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
//cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Date
Wed, 05 Jan 2022 05:53:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.adform.net/ Frame 9030
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=d76c2da8c12daa85f1437d954f94f8847&cb=9868501641362007133
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
133ed5bc-4070-4df9-97d4-b0dffb67f6c2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame 9030
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=d76c2da8c12daa85f1437d954f94f8847&cb=9868501641362007133
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
projectagora-483829-hdb.adomik.com/ Frame D5EF 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZmM2MTBiNjItMTY4My00NjZkLTgyOTEtM2RkY2FiMjI5OTI5IiwiaG9zdG5hbWUiOiJydW53YWZmLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwic2l6ZXMiOlt7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfSx7IndpZHRoIjowLCJoZWlnaHQiOjB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiNzBjMGE4OWRlZWY3NGQiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4wNTA5OTk5OTk5OTk5OTk5NSwic2l6ZSI6eyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0sInRpbWVUb1Jlc3BvbmQiOjExOSwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiNzBjMGE4OWRlZWY3NGQiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4wNTA5OTk5OTk5OTk5OTk5NSwic2l6ZSI6eyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0sInRpbWVUb1Jlc3BvbmQiOjExOSwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJpZCI6IjhkN2YxZjRiNjk5ZmE1Iiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjE1MiwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX1dLCJ3aW5uZXJzIjpbXX19XX0%3D&id=fc610b62-1683-466d-8291-3ddcab229929&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
projectagora-483829-hdb.adomik.com/ Frame D5EF 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6IjcwYzBhODlkZWVmNzRkIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAifQ%3D%3D&id=fc610b62-1683-466d-8291-3ddcab229929&won=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
1537884-15.js
smarttag.rubiconproject.com/a/17210/304582/ Frame AB6D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/17210/304582/1537884-15.js?&cb=0.9923076983951984&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=304582_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/17210.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0bd5fc0db6f2aa30c3fbbc97e2ad0d28135fd083f7830c487737c2a4d94a8f23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
2090
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		80 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22ww3.read7deadlysins.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1641362008191%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-gvwgayod827s466mnodu%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://ww3.read7deadlysins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 09:15:37 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
age
74272
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
80
last-modified
Tue, 26 Nov 2019 14:21:44 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
vary
Origin
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
04WQkX2gVy2JUxYia6Fw3TQYl1EqAzywGmvqyoYW4SiidjmB2CcxKg==
/
track.adform.net/adfscript/ Frame E959 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=49007064;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=sqq3TV7cbiVp3B2MBGfqyW3NFcOMrER3i6BgtVR4iRPTo_Xaoj_Q3TYjw-lYUkmAThXVWmxms1sw8KJnD3qS_gmFek4aBsF23xFIFr1TVKIf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h9yF3z6YcT7ZM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=pIVd-zMCINJ42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m29uQl86fFeu6ez7MnhBBbYnj2Vo_6ynXT4pAl-FeOX65hHPQC0c22XDm6qh_7jq0mwk2d9yW1jwjgwP8GB6BffTO6TTrbqmp-TgHquwWdt8NmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyXfSNcr8kJj_A7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-39gw4qdjhLIQJjFRM1GLPzer1pltXZUmg2;
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
c51903bd0088a1dab7d50ac0f7098e802cb72ca76730d60c56ecff6d6aca6ff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1343
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame E959 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 08:55:54 GMT
server
nginx
etag
W/"612c9d1a-e958"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
pixel
cm.adform.net/ Frame E959
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adform&ssp_user_id=d93303c2-dfbd-4077-a069-08acb99e81b4
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171316337&expires=5&ssp=adform
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1957367064e5b26088677bc61fc98dc01&cb=3455941641362007140
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
//cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Date
Wed, 05 Jan 2022 05:53:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.adform.net/ Frame E959
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1957367064e5b26088677bc61fc98dc01&cb=3455941641362007140
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
65e51424-67c4-46fa-a19d-ad7eb8d1ced8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame E959
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1957367064e5b26088677bc61fc98dc01&cb=3455941641362007140
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2998
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
projectagora-483829-hdb.adomik.com/ Frame AE29 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMTE1MmQ4OTktYjY0NC00NTlmLWE0N2UtNWMyNjI4MjVlOWQzIiwiaG9zdG5hbWUiOiJydW53YWZmLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwic2l6ZXMiOlt7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfSx7IndpZHRoIjowLCJoZWlnaHQiOjB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiNzQ4ZTk4OGE2ZTc4MGEiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4wNTA5OTY3ODkyNDc3MDg1NCwic2l6ZSI6eyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0sInRpbWVUb1Jlc3BvbmQiOjEzMiwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiNzQ4ZTk4OGE2ZTc4MGEiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4wNTA5OTY3ODkyNDc3MDg1NCwic2l6ZSI6eyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0sInRpbWVUb1Jlc3BvbmQiOjEzMiwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJpZCI6IjhkZjAwMDQ5NGFkM2NiIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjE3MywiYWZ0ZXJUaW1lb3V0IjpmYWxzZX1dLCJ3aW5uZXJzIjpbXX19XX0%3D&id=1152d899-b644-459f-a47e-5c262825e9d3&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
projectagora-483829-hdb.adomik.com/ Frame AE29 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6Ijc0OGU5ODhhNmU3ODBhIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAifQ%3D%3D&id=1152d899-b644-459f-a47e-5c262825e9d3&won=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
track.adform.net/adfscript/ Frame 2871 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=43382956;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=YGm-oxVB5VY3OOhFL6P9OjMgvXe9qdTVHqyFO23zmppE0L4JMUaJuGS2q5jgA5HHjD25hKEaG-2hyAMArvKtIfMDsfRo9_yEH-AiX6BpLdsf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5gf1UDCeeOr85M1_8qecQJKT_W6OuuNwpDmiUtjwUGSvFqirAD_H0c-swmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=nkuY11ankpV42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2huuso-CINz3FSR2hpWoWJy1vuz9Iw4XdNJAaJcnrq0MK9cBCoinYK9T9EGiga-5CEUYwnwyOtCm0x3vNumGUlb6Cj_WUj5uSZbhL_hb2XmxmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyZTyXvmQMdmBA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-0uTTepJXYWlcxrSqG4D8ener1pltXZUmg2;
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
acefffada11e1d2146495b6a3709277ab4dd6e4b5d3a377807bfa9ec151e0da9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1331
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 2871 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 08:55:54 GMT
server
nginx
etag
W/"612c9d1a-e958"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
pixel
cm.adform.net/ Frame 2871
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=adform&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=92e69f55-1916-4f34-9082-365b54ecbd05&expires=30&ssp=adform&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=59338ab25f27652e7e47e53fbab83cd65&cb=3864951641362007137
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
//cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Date
Wed, 05 Jan 2022 05:53:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.adform.net/ Frame 2871
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=59338ab25f27652e7e47e53fbab83cd65&cb=3864951641362007137
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b817083e-99cc-4e8d-9acc-2463baec65d4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame 2871
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=59338ab25f27652e7e47e53fbab83cd65&cb=3864951641362007137
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2997
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
projectagora-483829-hdb.adomik.com/ Frame 8B8B 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNDdhMWQ3OGEtOTcwYi00NGU1LTlhNzgtYzM1NDczZTU2NWU2IiwiaG9zdG5hbWUiOiJydW53YWZmLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwic2l6ZXMiOlt7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfSx7IndpZHRoIjowLCJoZWlnaHQiOjB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiN2M1NmZmY2Q4MzZhNSIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLjA1MDk5Njc4OTI0NzcwODU0LCJzaXplIjp7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfSwidGltZVRvUmVzcG9uZCI6MTUyLCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IkFERk9STSIsInBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwiaWQiOiI3YzU2ZmZjZDgzNmE1Iiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMDUwOTk2Nzg5MjQ3NzA4NTQsInNpemUiOnsid2lkdGgiOjMwMCwiaGVpZ2h0IjoyNTB9LCJ0aW1lVG9SZXNwb25kIjoxNTIsImFmdGVyVGltZW91dCI6ZmFsc2V9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiIsInBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwiaWQiOiI4NjNkN2ZlMWQ4ODY0OSIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjoxNzgsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=47a1d78a-970b-44e5-9a78-c35473e565e6&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
projectagora-483829-hdb.adomik.com/ Frame 8B8B 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6IjdjNTZmZmNkODM2YTUiLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCJ9&id=47a1d78a-970b-44e5-9a78-c35473e565e6&won=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
track.adform.net/adfscript/ Frame 0EE5 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=41375921;rtbwp=jTJEi6lyVxRwvACUNAplWEOZ5ysc03F20;rtbdata=eIaUb2LkWH3-srK2ChVBBC1AMwqcsMUTh6P1sGvY7k5JKsVnUzQWEdZoOBUBnOpYXmv6k211kQhRZjjBC_FqK4Fb9fToB8oeAQrYnxFrob4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhJqpZASsq0l1aBb-2WH07DVGL1Hfy9ipk4ZBSecTgptce-ONHm7yzHXqRuxXzxMlB8Llox8AxerrY13RjTVWgtclyyK68maFQ3DUggotq2NGW1Ex4yIw8Tg1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=H7L-ACt8rWgqHMLsI0XOHaYCMasHf3U9WWfrJa27o1EIwgZLVnK38ZT7WXJg35mTsWm9lSvFgU0VKq_ZeHwv4r2k_upbjD_acM3c8kXaEpCMfW3Y1YU_8TQk20iY9v-CXmv6k211kQhRZjjBC_FqK4Fb9fToB8oe88pdwsHbbCjsGFti06wXV5igWY-fFyQB6_wI2rX1zuvHvlcc_rY9Kv8fUVQeqGooxaMB7E3Is5U1;pui=CQ8Cld2Xq9z1pVvqnbyA-yadHRxoNWziQlcrm-xXxIrer1pltXZUmg2;
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
be5a79bbc91bd7134aae5b1712a11a6f6c75f9c40e357e5711ce557ecea88b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1310
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 0EE5 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 08:55:54 GMT
server
nginx
etag
W/"612c9d1a-e958"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
pixel
cm.adform.net/ Frame 0EE5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adform
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455420006313731&expires=30&ssp=adform
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=05bcf34b3dc8ef781ff91667b6cbe5da3&cb=5359921641362007137
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
//cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Date
Wed, 05 Jan 2022 05:53:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.adform.net/ Frame 0EE5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=05bcf34b3dc8ef781ff91667b6cbe5da3&cb=5359921641362007137
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
36260978-1ef6-40b5-930b-393f2c5e9559
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame 0EE5
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=05bcf34b3dc8ef781ff91667b6cbe5da3&cb=5359921641362007137
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2996
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
projectagora-483829-hdb.adomik.com/ Frame 6385 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNDdjYmYyM2ItZTEyYi00ODcwLWExODYtYWNmOTZhMjEyZDRlIiwiaG9zdG5hbWUiOiJydW53YWZmLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJBREZPUk0ifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX0seyJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsInNpemVzIjpbeyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0seyJ3aWR0aCI6MCwiaGVpZ2h0IjowfV0sImV2ZW50cyI6eyJyZXF1ZXN0cyI6W10sInJlc3BvbnNlcyI6W3siYmlkZGVyIjoiQURGT1JNIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJpZCI6IjcxMTE4YzU4ODNhYTRkIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMDk1MDM5NDQ2MzQ1MjQ0MSwic2l6ZSI6eyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0sInRpbWVUb1Jlc3BvbmQiOjE2MSwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiNzExMThjNTg4M2FhNGQiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4wOTUwMzk0NDYzNDUyNDQxLCJzaXplIjp7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfSwidGltZVRvUmVzcG9uZCI6MTYxLCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiODZjZWJlYzEyOTg3MTgiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MCwic2l6ZSI6eyJ3aWR0aCI6MCwiaGVpZ2h0IjowfSwidGltZVRvUmVzcG9uZCI6MTcwLCJhZnRlclRpbWVvdXQiOmZhbHNlfV0sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=47cbf23b-e12b-4870-a186-acf96a212d4e&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
projectagora-483829-hdb.adomik.com/ Frame 6385 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6IjcxMTE4YzU4ODNhYTRkIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAifQ%3D%3D&id=47cbf23b-e12b-4870-a186-acf96a212d4e&won=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
loader.js
cdn.taboola.com/libtrc/read7deadlysins300x250gr-r18292685/ Frame CD5A 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/read7deadlysins300x250gr-r18292685/loader.js
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd981c2f116a7bc868c99248cba9c86fdf48401f8dfc6880c3be636dffb7063e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
2.jikXj0IF0Kjzc_WFh0K9qugkFgcROV
content-encoding
gzip
etag
"93c5c5bfbc2b00d6cd2624556019f893"
age
0
x-cache
HIT
content-length
18195
x-amz-id-2
egjRPfU3bgAUUgztQDznaZYmUsYWjBeFUj1FMBE+YwEftOSiLJhDvEmZzg/2/tULNQzCVB9Fykw=
x-served-by
cache-hhn4071-HHN
last-modified
Tue, 09 Jun 2020 01:11:17 GMT
server
AmazonS3
x-timer
S1641362008.279809,VS0,VE0
date
Wed, 05 Jan 2022 05:53:28 GMT
vary
Accept-Encoding
x-amz-request-id
37PTRWSDX3627V9G
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
82
x-cache-hits
2
/
projectagora-483829-hdb.adomik.com/ Frame 76DC 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZjMzYjA5OGMtNzg1Ni00MmIwLWIzMDktMjZkMzM4YWEwYTNlIiwiaG9zdG5hbWUiOiJydW53YWZmLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiQURGT1JNIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19LHsicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJzaXplcyI6W3sid2lkdGgiOjAsImhlaWdodCI6MH1dLCJldmVudHMiOnsicmVxdWVzdHMiOltdLCJyZXNwb25zZXMiOlt7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiNzliYTQ3YjFkMDAzYWYiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MCwic2l6ZSI6eyJ3aWR0aCI6MCwiaGVpZ2h0IjowfSwidGltZVRvUmVzcG9uZCI6MTY1LCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiNzliYTQ3YjFkMDAzYWYiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MCwic2l6ZSI6eyJ3aWR0aCI6MCwiaGVpZ2h0IjowfSwidGltZVRvUmVzcG9uZCI6MTY1LCJhZnRlclRpbWVvdXQiOmZhbHNlfV0sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=f33b098c-7856-42b0-b309-26d338aa0a3e&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
track.adform.net/adfscript/ Frame F691 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=43813379;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=TDzh2E8KtAC6GCnsnLh_2KB4FCnJnUbss0UviCqgi2fI2XHMwN1VMfe--5-00Wf9nqTud5vmtzCDJeZEoLSZXZ5eJZiqEybJDnyQvxeLnYwf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hUiY3ROKkd7ZM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvFqirAD_H0c-swmFfVqDPk5d1Vab-EFQvICIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=4Yzbs-1CEK942u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2YmTAckCaknQwfwjjKRbZvSBbo2uPq5Vo53C_x6OdRxrgWxrYIAABn40HoKpL4vrnuCJkQUjnAzuGzZbjRLGHVIwCppaYOvJfvNN-3Ocg4PNmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyQ-tkKrLvAipA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-w0KEFlwcPxfwAXo7n9T0vDer1pltXZUmg2;
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
afb0aa36a39ea84ff96b9443e037bde4cab2555c676a750fbef9bdba34009d67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1333
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame F691 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 08:55:54 GMT
server
nginx
etag
W/"612c9d1a-e958"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
pixel
cm.adform.net/ Frame F691
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=adform&bsw_custom_parameter=d93303c2-dfbd-4077-a069-08acb99e81b4
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=adform&bsw_custom_parameter=d93303c2-dfbd-4077-a069-08acb99e81b4
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=c21dc9f7-fc9f-46fc-aeb4-8c7e4b91e2f3&ssp=adform&expires=30&user_group=5&bsw_param=d93303c2-dfbd-4077-a069-08acb99e81b4
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=9f8bdfdac88cc4de95ab77e8feb3ba165&cb=6424461641362007135
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:29 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
//cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Date
Wed, 05 Jan 2022 05:53:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.adform.net/ Frame F691
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=9f8bdfdac88cc4de95ab77e8feb3ba165&cb=6424461641362007135
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f2b7d3c1-4930-4a9f-8639-641c34efd822
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame F691
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=9f8bdfdac88cc4de95ab77e8feb3ba165&cb=6424461641362007135
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
projectagora-483829-hdb.adomik.com/ Frame C6D3 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiYjUzM2QyYTItZTRjOS00MTQ2LWFiZTYtN2E3YjBmZjJjN2E0IiwiaG9zdG5hbWUiOiJydW53YWZmLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwic2l6ZXMiOlt7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfSx7IndpZHRoIjowLCJoZWlnaHQiOjB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiN2VlY2M5ZjkxYzBlMmQiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4wNTA5OTY3ODkyNDc3MDg1NCwic2l6ZSI6eyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0sInRpbWVUb1Jlc3BvbmQiOjE2MCwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiN2VlY2M5ZjkxYzBlMmQiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4wNTA5OTY3ODkyNDc3MDg1NCwic2l6ZSI6eyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0sInRpbWVUb1Jlc3BvbmQiOjE2MCwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJpZCI6IjhiZDA5YjRhNGY3NjIyIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjE3NCwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX1dLCJ3aW5uZXJzIjpbXX19XX0%3D&id=b533d2a2-e4c9-4146-abe6-7a7b0ff2c7a4&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
projectagora-483829-hdb.adomik.com/ Frame C6D3 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6IjdlZWNjOWY5MWMwZTJkIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAifQ%3D%3D&id=b533d2a2-e4c9-4146-abe6-7a7b0ff2c7a4&won=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
track.adform.net/adfscript/ Frame 9C1C 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=48901592;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=XlhCeRPicv4Lc6Hl37mzYNLbMF9KH8df3cNWiBHK2HMGvXL_1Mm6UjIQIJOmZt0pid6ZQaWmOMz54CVtxFgAnIXOBwuNDCTlr3ZiRvhiEBUf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hKSie-Yu2WiJM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=R_3GY5gH7Jl42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2YmTAckCaknTihnZDn9ZRKFutntqTKJVfcUSfLp2dSRQoglohtwPM3okomu5jHCptS37UNf_Cgmd-VX2gK7OpziYFmDyqXAG8LYq89bONE1dmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyYFF0eM-ku7AA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-4Jcy2TZWfo0t2Aai-R-6Arer1pltXZUmg2;
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8cee5ac15bf4d86a8ef8d196257ee00d73b735029156b884c060ddbac47707b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1335
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 9C1C 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 08:55:54 GMT
server
nginx
etag
W/"612c9d1a-e958"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
pixel
cm.adform.net/ Frame 9C1C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=adform&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=92e69f55-1916-4f34-9082-365b54ecbd05&expires=30&ssp=adform&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=60f0e959e67789b550dbbeaa782904915&cb=8367551641362007141
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
//cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Date
Wed, 05 Jan 2022 05:53:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.adform.net/ Frame 9C1C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=60f0e959e67789b550dbbeaa782904915&cb=8367551641362007141
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
dceb490b-b2d5-41f1-965c-8e01f54774c8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame 9C1C
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Requested by
Host: runwaff.com
URL: https://runwaff.com/user?i=u1dvjpo9e55sy80hm5&a=60f0e959e67789b550dbbeaa782904915&cb=8367551641362007141
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2995
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
projectagora-483829-hdb.adomik.com/ Frame BD57 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMWNhYjc2MWYtYWQxNi00OGIzLWJlYTgtMDIwMzJjY2YyODA1IiwiaG9zdG5hbWUiOiJydW53YWZmLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19LHsicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJzaXplcyI6W3sid2lkdGgiOjMwMCwiaGVpZ2h0IjoyNTB9LHsid2lkdGgiOjAsImhlaWdodCI6MH1dLCJldmVudHMiOnsicmVxdWVzdHMiOltdLCJyZXNwb25zZXMiOlt7ImJpZGRlciI6IkFERk9STSIsInBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwiaWQiOiI3NjQ0OTBhNmIxZDY0NCIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLjA1MDk5Njc4OTI0NzcwODU0LCJzaXplIjp7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfSwidGltZVRvUmVzcG9uZCI6MTYzLCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IkFERk9STSIsInBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwiaWQiOiI3NjQ0OTBhNmIxZDY0NCIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLjA1MDk5Njc4OTI0NzcwODU0LCJzaXplIjp7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfSwidGltZVRvUmVzcG9uZCI6MTYzLCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiOGMyMWRiMjFkYTJjZmMiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MCwic2l6ZSI6eyJ3aWR0aCI6MCwiaGVpZ2h0IjowfSwidGltZVRvUmVzcG9uZCI6MTY0LCJhZnRlclRpbWVvdXQiOmZhbHNlfV0sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=1cab761f-ad16-48b3-bea8-02032ccf2805&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
projectagora-483829-hdb.adomik.com/ Frame BD57 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6Ijc2NDQ5MGE2YjFkNjQ0IiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAifQ%3D%3D&id=1cab761f-ad16-48b3-bea8-02032ccf2805&won=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
track.adform.net/adfscript/ Frame 99FF 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=44599442;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=sqq3TV7cbiWAMOCj6MihYNkx8G7B_1tA6TzgLYuOtmzSkzd7GbUwDmS2q5jgA5HHAx9UdYsCqnCx9zN8OhROLb3DvXhlYUdW81bz57zJ8p4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hT6GyHqVsKy5M1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5d1Vab-EFQvICIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZLq63NXtHLp42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2bwGiNYYJprETFzXf0NXnEWPntm_JP3OFzTo0G4z1ptfZowXvyBkP3KY9XkJnRlQd-XGN0Z0aUaFxXNX3rDu5jXKdpUaiVHKxy3ZGcmwcuX9mkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyXhfv4YQqA8vA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-6fla7r_yYst3p8szPs1HM3er1pltXZUmg2;
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
56f86bdb12644b5d54dbf4980934de94d4fe6c14acf501021ac311311fa45139
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1344
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 99FF 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 08:55:54 GMT
server
nginx
etag
W/"612c9d1a-e958"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
pixel
cm.adform.net/ Frame 99FF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_uid=d93303c2-dfbd-4077-a069-08acb99e81b4
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_uid=d93303c2-dfbd-4077-a069-08acb99e81b4
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=4df8561b-f3e8-41b3-869e-f0458533194c&ssp=adform
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=84cb9494c74b11c9c2dbca056fd5c2803&cb=2049371641362007138
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
//cm.adform.net/pixel?adform_pid=3&adform_pc=d93303c2-dfbd-4077-a069-08acb99e81b4&adform_v=1
Date
Wed, 05 Jan 2022 05:53:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.adform.net/ Frame 99FF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=84cb9494c74b11c9c2dbca056fd5c2803&cb=2049371641362007138
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f7e3f60a-3fe0-45f1-bfa6-cc78e1938bbc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4294195725904454246
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame 99FF
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=84cb9494c74b11c9c2dbca056fd5c2803&cb=2049371641362007138
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ee291c2-1c1f-484f-aef9-589523feda25
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2994
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
projectagora-483829-hdb.adomik.com/ Frame 8A1D 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNmEzZDdiY2QtMmI0OS00YTAxLWJhNjctNDk2ZTQ2NGFmZDVjIiwiaG9zdG5hbWUiOiJydW53YWZmLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJBREZPUk0ifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX0seyJwbGFjZW1lbnRDb2RlIjoiMTgyOTI2ODVfcmVhZDdkZWFkbHlzaW5zLmNvbV9yb3NfMzAweDI1MCIsInNpemVzIjpbeyJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0seyJ3aWR0aCI6MCwiaGVpZ2h0IjowfV0sImV2ZW50cyI6eyJyZXF1ZXN0cyI6W10sInJlc3BvbnNlcyI6W3siYmlkZGVyIjoiQURGT1JNIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJpZCI6Ijc1YjViMjY0NzIyMWU3Iiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMDUwOTk2Nzg5MjQ3NzA4NTQsInNpemUiOnsid2lkdGgiOjMwMCwiaGVpZ2h0IjoyNTB9LCJ0aW1lVG9SZXNwb25kIjoxNTIsImFmdGVyVGltZW91dCI6ZmFsc2V9LHsiYmlkZGVyIjoiQURGT1JNIiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAiLCJpZCI6Ijc1YjViMjY0NzIyMWU3Iiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMDUwOTk2Nzg5MjQ3NzA4NTQsInNpemUiOnsid2lkdGgiOjMwMCwiaGVpZ2h0IjoyNTB9LCJ0aW1lVG9SZXNwb25kIjoxNTIsImFmdGVyVGltZW91dCI6ZmFsc2V9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiIsInBsYWNlbWVudENvZGUiOiIxODI5MjY4NV9yZWFkN2RlYWRseXNpbnMuY29tX3Jvc18zMDB4MjUwIiwiaWQiOiI4ZmE5ZDY2OWRhYzdmNyIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjoyMjMsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=6a3d7bcd-2b49-4a01-ba67-496e464afd5c&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
/
projectagora-483829-hdb.adomik.com/ Frame 8A1D 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6Ijc1YjViMjY0NzIyMWU3IiwicGxhY2VtZW50Q29kZSI6IjE4MjkyNjg1X3JlYWQ3ZGVhZGx5c2lucy5jb21fcm9zXzMwMHgyNTAifQ%3D%3D&id=6a3d7bcd-2b49-4a01-ba67-496e464afd5c&won=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.83.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-83-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 9030 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46016408;rtbwp=_1GWNEh9ei5mZQIeozaLU60WvdyprACV0;rtbdata=OS-8pJ27cx0WgqrA_STPLyiDO35psc3XPCecQNkDNG3itEDe_q0hDNZoOBUBnOpYe5sfN63X0TjYLcajdAV4UbtD8o44SJMTpJYSvysFFqQf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5iVCAMkSs4xOyWRzRYEgE2uOPrlth6P6armiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=DJpz_uRRh8V42u1ywTJ-2quDWUnT6fr_fiNMafvSA2A3_QvwpezOn5DzZ4xMx-m2huuso-CINz2_WlveaTmAp2I_2HtB8IE_N6mbb00j41qYBirSxcubzQFMirXwUx5DxjAMvfKFxlV0xWzavoWC8SAdGESHbPwmL3iadT8Wn-hmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyR77vrXzyh3jA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-2HB7qdyzBKJ8jNvcRCqvx_er1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c1a4f5d40a7df7d9646447edc1bf2ec0f81dd2e994806b188fb8f58648538d59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:23:20 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 3194 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=29848506;rtbwp=6i-gTd0CRl_NbdXuAN-eSuhoFNM0duIs0;rtbdata=eIaUb2LkWH3N4wLcu-mhYLgp1kTxJrlssi9jaAo6DEPgcuZ5JxJk67Kp2roO6C5QYiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8in3Y1mYYrgcf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h1dLGKgqE2dTjzXwoo_5AOWDgW8xC4iSGv--J9fBrWOIPYINfYS2gbIUrgTfZ5YbBDSMVhztckDLdj3ABadpNQ0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=kUE0gydNGo0qHMLsI0XOHfszOevCoUmbrHCuXkiZeM4a62CBBDm805T7WXJg35mTxt71AOlDcCMQLzGSJvWRmeQZqdjold7QTERL-suXRRXTtzvLaQ0rS3K0F6vhOHP1YiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8edZr-qLRqiTsGFti06wXV5igWY-fFyQB6_wI2rX1zuvHvlcc_rY9Kt64QP1LhUcZxaMB7E3Is5U1;pui=CQ8Cld2Xq9z1pVvqnbyA-yadHRxoNWziw_25nsNlC37er1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c1a4f5d40a7df7d9646447edc1bf2ec0f81dd2e994806b188fb8f58648538d59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:23:20 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame DCE4 		141 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/17210/304582/1537884-15.js?&cb=0.9923076983951984&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=304582_15&rp_secure=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b91fa45b7b1dd4f2a3245544336ced5a7065803f1582ce16f45766da554c91ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=-8arwF4vh09vIgWXTjgWFuo9kPJSviRbX8vwhaqD6kYck49_MCFZRuirh_imk5OZhVuhzFj9Ys3qv6yl3KSPkbaIaVvZTn7SSRRgAvLXXc_9HH6smifW55HMqcJV7OusZ40LAKsehuNz3i4ZY3Fs4Fp_1A6LRbW3LfxfsL_e6-uU453izSWP8H4KdyoUsdZDEb0Ln_YNPkHVFZ2qZT96A3wyGrQsvMnvqDkTJHgYmSuUfyO6KPrwV63geV9YAL5B0lEEIQ"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
84989102
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2AD6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/17210/304582/1537884-15.js?&cb=0.9923076983951984&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=304582_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Jan 2022 05:53:28 GMT
Connection
keep-alive
Vary
Accept-Encoding
5f8fc14b-2fcb-466d-9ad3-83b80f954952
beacon-ams3.rubiconproject.com/beacon/d/ Frame AB6D 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/5f8fc14b-2fcb-466d-9ad3-83b80f954952?oo=0&accountId=17210&siteId=304582&zoneId=1537884&sizeId=15&e=6A1E40E384DA563B878E8E41D0ABF0FED8EC19592FCFEDD05361F1936A40673E2A65434620C29AE903C37EB839CBB674C1EBE65E7377AC8DC9AD0B7F86064EC14A65E3910050C9BF572E2E4A75177BB0525C91F6DA33F6AE590D2BEF1AA2822FF3020578D5C77972AB154B88B75B41F8D75B990B6F5974D916E7D6DFBDB51BCB254326C1CEE7F618DC34251486A982EDC6E8EEEF19CF6E74C15609DF0A1362B214D0FEFDEC6B8B88E55A1F31BD99F0CDFFD8908687A88FC79D71A8BE3E2A67FF51E707476F26637490BB9194C0271D04A36EB437091E9F4928AC97699642795CFFC46AB93FD427C2A31A8B26D87C9E45625FD6F346923D2BA762494C876F0CD5ED58F82219C5E69AF4F9ECC17101DE2BB35A91D83BD9F8819AAF5DEC130842CE172C3933968A33B711113D4D25EA3D9F1798887D5941F7F08D9F5BB17D80B7F56D05CC29BC132EB97BD67A1465D50FE2948FD51A240AC16879B17861150185C0CE9B53778AE10D2D2356DDC2932B110DF56C7091FE233C7E698F15354E2C5AE990083B62413262734F31F5CA4A91F623BCF88FC9A86FA1963E141F4113C8D10AC9C8EEB0270EA7EFD02791B9F10ACD6D7556557277E15FDBE915504A741896FCA5E1337C3B75B6BEEE16102A0320EC09692E2FA66E8AFDD8C7F7C75FAE2D61A72C18060FC9ADEB51622FA11B6A5E733E4E924F2102651CB604CC6133AD18B1D510871408E75CF687BC10370BF033574CCB073A70C83BDFDCA01EE82A2BACE24A01449DDEDB66BB0B13039F3746792F4B0976B5CDF636536DF990B52DBF72F719D92E6516940E3B1C41A9683ABB81737D4C280449C3419E818A2EE727B3126FD08B62122391C894CFF5BE0B04AD33F58DA7202345BADA49D5E4A89AD5C9758C33BA901D1143D32F3BA21FB6B6B3DCD4C95F96FD2F5CC541AE70426088742C401C
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:27 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame E959 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=49007064;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=sqq3TV7cbiVp3B2MBGfqyW3NFcOMrER3i6BgtVR4iRPTo_Xaoj_Q3TYjw-lYUkmAThXVWmxms1sw8KJnD3qS_gmFek4aBsF23xFIFr1TVKIf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h9yF3z6YcT7ZM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=pIVd-zMCINJ42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m29uQl86fFeu6ez7MnhBBbYnj2Vo_6ynXT4pAl-FeOX65hHPQC0c22XDm6qh_7jq0mwk2d9yW1jwjgwP8GB6BffTO6TTrbqmp-TgHquwWdt8NmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyXfSNcr8kJj_A7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-39gw4qdjhLIQJjFRM1GLPzer1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c1a4f5d40a7df7d9646447edc1bf2ec0f81dd2e994806b188fb8f58648538d59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:23:20 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 2871 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43382956;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=YGm-oxVB5VY3OOhFL6P9OjMgvXe9qdTVHqyFO23zmppE0L4JMUaJuGS2q5jgA5HHjD25hKEaG-2hyAMArvKtIfMDsfRo9_yEH-AiX6BpLdsf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5gf1UDCeeOr85M1_8qecQJKT_W6OuuNwpDmiUtjwUGSvFqirAD_H0c-swmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=nkuY11ankpV42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2huuso-CINz3FSR2hpWoWJy1vuz9Iw4XdNJAaJcnrq0MK9cBCoinYK9T9EGiga-5CEUYwnwyOtCm0x3vNumGUlb6Cj_WUj5uSZbhL_hb2XmxmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyZTyXvmQMdmBA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-0uTTepJXYWlcxrSqG4D8ener1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c1a4f5d40a7df7d9646447edc1bf2ec0f81dd2e994806b188fb8f58648538d59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:23:20 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 0EE5 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=41375921;rtbwp=jTJEi6lyVxRwvACUNAplWEOZ5ysc03F20;rtbdata=eIaUb2LkWH3-srK2ChVBBC1AMwqcsMUTh6P1sGvY7k5JKsVnUzQWEdZoOBUBnOpYXmv6k211kQhRZjjBC_FqK4Fb9fToB8oeAQrYnxFrob4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhJqpZASsq0l1aBb-2WH07DVGL1Hfy9ipk4ZBSecTgptce-ONHm7yzHXqRuxXzxMlB8Llox8AxerrY13RjTVWgtclyyK68maFQ3DUggotq2NGW1Ex4yIw8Tg1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=H7L-ACt8rWgqHMLsI0XOHaYCMasHf3U9WWfrJa27o1EIwgZLVnK38ZT7WXJg35mTsWm9lSvFgU0VKq_ZeHwv4r2k_upbjD_acM3c8kXaEpCMfW3Y1YU_8TQk20iY9v-CXmv6k211kQhRZjjBC_FqK4Fb9fToB8oe88pdwsHbbCjsGFti06wXV5igWY-fFyQB6_wI2rX1zuvHvlcc_rY9Kv8fUVQeqGooxaMB7E3Is5U1;pui=CQ8Cld2Xq9z1pVvqnbyA-yadHRxoNWziQlcrm-xXxIrer1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c1a4f5d40a7df7d9646447edc1bf2ec0f81dd2e994806b188fb8f58648538d59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:23:20 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame F691 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43813379;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=TDzh2E8KtAC6GCnsnLh_2KB4FCnJnUbss0UviCqgi2fI2XHMwN1VMfe--5-00Wf9nqTud5vmtzCDJeZEoLSZXZ5eJZiqEybJDnyQvxeLnYwf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hUiY3ROKkd7ZM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvFqirAD_H0c-swmFfVqDPk5d1Vab-EFQvICIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=4Yzbs-1CEK942u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2YmTAckCaknQwfwjjKRbZvSBbo2uPq5Vo53C_x6OdRxrgWxrYIAABn40HoKpL4vrnuCJkQUjnAzuGzZbjRLGHVIwCppaYOvJfvNN-3Ocg4PNmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyQ-tkKrLvAipA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-w0KEFlwcPxfwAXo7n9T0vDer1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c1a4f5d40a7df7d9646447edc1bf2ec0f81dd2e994806b188fb8f58648538d59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:23:20 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 9C1C 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=48901592;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=XlhCeRPicv4Lc6Hl37mzYNLbMF9KH8df3cNWiBHK2HMGvXL_1Mm6UjIQIJOmZt0pid6ZQaWmOMz54CVtxFgAnIXOBwuNDCTlr3ZiRvhiEBUf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hKSie-Yu2WiJM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=R_3GY5gH7Jl42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2YmTAckCaknTihnZDn9ZRKFutntqTKJVfcUSfLp2dSRQoglohtwPM3okomu5jHCptS37UNf_Cgmd-VX2gK7OpziYFmDyqXAG8LYq89bONE1dmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyYFF0eM-ku7AA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-4Jcy2TZWfo0t2Aai-R-6Arer1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c1a4f5d40a7df7d9646447edc1bf2ec0f81dd2e994806b188fb8f58648538d59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:23:20 GMT
impl.20200607-25-RELEASE.js
cdn.taboola.com/libtrc/ Frame 972E 		446 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200607-25-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/read7deadlysins300x250gr-r18292685/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
447bc3d208c00eb034b6628cfd19d92eb2b4808cbeab6ba0894493556ee2cf37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
Ym8B3azCyJ83PicCvSzOkEo_4iGs.WLZ
content-encoding
gzip
etag
"dad3eff58ef3c7e197420f2df8f7e264"
age
0
x-cache
MISS
x-amz-replication-status
COMPLETED
fastly-restarts
1
x-amz-id-2
VRIiAFnfDEOgJ+e2z5bHL7I2jxDErzxkalmOfYm5CE7+DBW5+5RpVkmv64LWotQ0upIa7CgdGNY=
x-served-by
cache-hhn4071-HHN
accept-ranges
bytes
last-modified
Thu, 11 Jun 2020 16:09:15 GMT
server
AmazonS3
x-timer
S1641362008.378781,VS0,VE605
date
Wed, 05 Jan 2022 05:53:28 GMT
vary
Accept-Encoding
x-amz-request-id
04H5Q1H5C4BD8Q0C
via
1.1 varnish
cache-control
private,max-age=31536000
content-length
128911
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
1
beacon.js
sb.scorecardresearch.com/ Frame 972E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/read7deadlysins300x250gr-r18292685/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 03:55:08 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
85001
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rldG_C2Gv8YHumRSdGuDyn83GvauEk8C-x5k6PeTxuMNZ0VJShopxg==
impl.20200607-25-RELEASE.js
cdn.taboola.com/libtrc/ Frame CD5A 		446 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200607-25-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/read7deadlysins300x250gr-r18292685/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
447bc3d208c00eb034b6628cfd19d92eb2b4808cbeab6ba0894493556ee2cf37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
Ym8B3azCyJ83PicCvSzOkEo_4iGs.WLZ
content-encoding
gzip
etag
"dad3eff58ef3c7e197420f2df8f7e264"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
fastly-restarts
1
x-amz-id-2
VRIiAFnfDEOgJ+e2z5bHL7I2jxDErzxkalmOfYm5CE7+DBW5+5RpVkmv64LWotQ0upIa7CgdGNY=
x-served-by
cache-hhn4071-HHN
accept-ranges
bytes
last-modified
Thu, 11 Jun 2020 16:09:15 GMT
server
AmazonS3
x-timer
S1641362008.385640,VS0,VE599
date
Wed, 05 Jan 2022 05:53:28 GMT
vary
Accept-Encoding
x-amz-request-id
04H5Q1H5C4BD8Q0C
via
1.1 varnish
cache-control
private,max-age=31536000
content-length
128911
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
1
beacon.js
sb.scorecardresearch.com/ Frame CD5A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/read7deadlysins300x250gr-r18292685/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 03:55:08 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
85001
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
UpV8S4uhCT6j0jmHZFnAlYODKzp8PreOXuMxEzaNICArsXqze57yoQ==
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 99FF 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=44599442;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=sqq3TV7cbiWAMOCj6MihYNkx8G7B_1tA6TzgLYuOtmzSkzd7GbUwDmS2q5jgA5HHAx9UdYsCqnCx9zN8OhROLb3DvXhlYUdW81bz57zJ8p4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hT6GyHqVsKy5M1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5d1Vab-EFQvICIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZLq63NXtHLp42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2bwGiNYYJprETFzXf0NXnEWPntm_JP3OFzTo0G4z1ptfZowXvyBkP3KY9XkJnRlQd-XGN0Z0aUaFxXNX3rDu5jXKdpUaiVHKxy3ZGcmwcuX9mkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyXhfv4YQqA8vA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-6fla7r_yYst3p8szPs1HM3er1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c1a4f5d40a7df7d9646447edc1bf2ec0f81dd2e994806b188fb8f58648538d59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:23:20 GMT
/
track.adform.net/adfserve/ Frame 9030 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=46016408;rtbwp=_1GWNEh9ei5mZQIeozaLU60WvdyprACV0;rtbdata=OS-8pJ27cx0WgqrA_STPLyiDO35psc3XPCecQNkDNG3itEDe_q0hDNZoOBUBnOpYe5sfN63X0TjYLcajdAV4UbtD8o44SJMTpJYSvysFFqQf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5iVCAMkSs4xOyWRzRYEgE2uOPrlth6P6armiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=DJpz_uRRh8V42u1ywTJ-2quDWUnT6fr_fiNMafvSA2A3_QvwpezOn5DzZ4xMx-m2huuso-CINz2_WlveaTmAp2I_2HtB8IE_N6mbb00j41qYBirSxcubzQFMirXwUx5DxjAMvfKFxlV0xWzavoWC8SAdGESHbPwmL3iadT8Wn-hmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyR77vrXzyh3jA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-2HB7qdyzBKJ8jNvcRCqvx_er1pltXZUmg2;;js=1;adfxid=1x;8465;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b0710b0848d2c16c9307f0edfc650ce13f869d51e69f687cbb976d4a489ea981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3385
expires
-1
/
track.adform.net/adfserve/ Frame 3194 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=29848506;rtbwp=6i-gTd0CRl_NbdXuAN-eSuhoFNM0duIs0;rtbdata=eIaUb2LkWH3N4wLcu-mhYLgp1kTxJrlssi9jaAo6DEPgcuZ5JxJk67Kp2roO6C5QYiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8in3Y1mYYrgcf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h1dLGKgqE2dTjzXwoo_5AOWDgW8xC4iSGv--J9fBrWOIPYINfYS2gbIUrgTfZ5YbBDSMVhztckDLdj3ABadpNQ0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=kUE0gydNGo0qHMLsI0XOHfszOevCoUmbrHCuXkiZeM4a62CBBDm805T7WXJg35mTxt71AOlDcCMQLzGSJvWRmeQZqdjold7QTERL-suXRRXTtzvLaQ0rS3K0F6vhOHP1YiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8edZr-qLRqiTsGFti06wXV5igWY-fFyQB6_wI2rX1zuvHvlcc_rY9Kt64QP1LhUcZxaMB7E3Is5U1;pui=CQ8Cld2Xq9z1pVvqnbyA-yadHRxoNWziw_25nsNlC37er1pltXZUmg2;;js=1;adfxid=2x;3049;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
30195a6bc6988692219c6fe054cf03717fa200f4ec8c6458ca95de7dd5c142ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3750
expires
-1
/
track.adform.net/adfserve/ Frame E959 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=49007064;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=sqq3TV7cbiVp3B2MBGfqyW3NFcOMrER3i6BgtVR4iRPTo_Xaoj_Q3TYjw-lYUkmAThXVWmxms1sw8KJnD3qS_gmFek4aBsF23xFIFr1TVKIf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h9yF3z6YcT7ZM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=pIVd-zMCINJ42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m29uQl86fFeu6ez7MnhBBbYnj2Vo_6ynXT4pAl-FeOX65hHPQC0c22XDm6qh_7jq0mwk2d9yW1jwjgwP8GB6BffTO6TTrbqmp-TgHquwWdt8NmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyXfSNcr8kJj_A7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-39gw4qdjhLIQJjFRM1GLPzer1pltXZUmg2;;js=1;adfxid=3x;3919;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
19ccf6d5a50a1087ccc4a3500a067b0bd1bc0f73ece106b7bbe080b7be539d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3415
expires
-1
/
track.adform.net/adfserve/ Frame 2871 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=43382956;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=YGm-oxVB5VY3OOhFL6P9OjMgvXe9qdTVHqyFO23zmppE0L4JMUaJuGS2q5jgA5HHjD25hKEaG-2hyAMArvKtIfMDsfRo9_yEH-AiX6BpLdsf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5gf1UDCeeOr85M1_8qecQJKT_W6OuuNwpDmiUtjwUGSvFqirAD_H0c-swmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=nkuY11ankpV42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2huuso-CINz3FSR2hpWoWJy1vuz9Iw4XdNJAaJcnrq0MK9cBCoinYK9T9EGiga-5CEUYwnwyOtCm0x3vNumGUlb6Cj_WUj5uSZbhL_hb2XmxmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyZTyXvmQMdmBA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-0uTTepJXYWlcxrSqG4D8ener1pltXZUmg2;;js=1;adfxid=4x;8488;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
afa8e1aea72991b738924d9c21383f8eb4cefee19fe8160e4678f9936189cfc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3404
expires
-1
/
track.adform.net/adfserve/ Frame 0EE5 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=41375921;rtbwp=jTJEi6lyVxRwvACUNAplWEOZ5ysc03F20;rtbdata=eIaUb2LkWH3-srK2ChVBBC1AMwqcsMUTh6P1sGvY7k5JKsVnUzQWEdZoOBUBnOpYXmv6k211kQhRZjjBC_FqK4Fb9fToB8oeAQrYnxFrob4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhJqpZASsq0l1aBb-2WH07DVGL1Hfy9ipk4ZBSecTgptce-ONHm7yzHXqRuxXzxMlB8Llox8AxerrY13RjTVWgtclyyK68maFQ3DUggotq2NGW1Ex4yIw8Tg1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=H7L-ACt8rWgqHMLsI0XOHaYCMasHf3U9WWfrJa27o1EIwgZLVnK38ZT7WXJg35mTsWm9lSvFgU0VKq_ZeHwv4r2k_upbjD_acM3c8kXaEpCMfW3Y1YU_8TQk20iY9v-CXmv6k211kQhRZjjBC_FqK4Fb9fToB8oe88pdwsHbbCjsGFti06wXV5igWY-fFyQB6_wI2rX1zuvHvlcc_rY9Kv8fUVQeqGooxaMB7E3Is5U1;pui=CQ8Cld2Xq9z1pVvqnbyA-yadHRxoNWziQlcrm-xXxIrer1pltXZUmg2;;js=1;adfxid=5x;10128;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
5c97ce06d9dfc48f070b135f8d6c060ffb6c856239249e82d05894772d38800f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3570
expires
-1
/
track.adform.net/adfserve/ Frame F691 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=43813379;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=TDzh2E8KtAC6GCnsnLh_2KB4FCnJnUbss0UviCqgi2fI2XHMwN1VMfe--5-00Wf9nqTud5vmtzCDJeZEoLSZXZ5eJZiqEybJDnyQvxeLnYwf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hUiY3ROKkd7ZM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvFqirAD_H0c-swmFfVqDPk5d1Vab-EFQvICIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=4Yzbs-1CEK942u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2YmTAckCaknQwfwjjKRbZvSBbo2uPq5Vo53C_x6OdRxrgWxrYIAABn40HoKpL4vrnuCJkQUjnAzuGzZbjRLGHVIwCppaYOvJfvNN-3Ocg4PNmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyQ-tkKrLvAipA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-w0KEFlwcPxfwAXo7n9T0vDer1pltXZUmg2;;js=1;adfxid=6x;2753;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
179e0875471f2607b96a940816fae429a2775d4847bbfd0c0e6594b04c08242c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3403
expires
-1
/
track.adform.net/adfserve/ Frame 9C1C 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=48901592;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=XlhCeRPicv4Lc6Hl37mzYNLbMF9KH8df3cNWiBHK2HMGvXL_1Mm6UjIQIJOmZt0pid6ZQaWmOMz54CVtxFgAnIXOBwuNDCTlr3ZiRvhiEBUf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hKSie-Yu2WiJM1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5GUMTER0GflYCIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=R_3GY5gH7Jl42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2YmTAckCaknTihnZDn9ZRKFutntqTKJVfcUSfLp2dSRQoglohtwPM3okomu5jHCptS37UNf_Cgmd-VX2gK7OpziYFmDyqXAG8LYq89bONE1dmkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyYFF0eM-ku7AA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-4Jcy2TZWfo0t2Aai-R-6Arer1pltXZUmg2;;js=1;adfxid=7x;3856;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
1ab745fbb52145607ca3ac4ca7d41985090aad628e279d5fa292f169c783e4e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3407
expires
-1
/
track.adform.net/adfserve/ Frame 99FF 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=44599442;rtbwp=5D8XFzxZLWLXasqcd2GrM6dgnaMU4Hum0;rtbdata=sqq3TV7cbiWAMOCj6MihYNkx8G7B_1tA6TzgLYuOtmzSkzd7GbUwDmS2q5jgA5HHAx9UdYsCqnCx9zN8OhROLb3DvXhlYUdW81bz57zJ8p4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5hT6GyHqVsKy5M1_8qecQJKT_W6OuuNwpDmiUtjwUGSvMVmTFKgGOZiswmFfVqDPk5d1Vab-EFQvICIxEzHzL-f0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZLq63NXtHLp42u1ywTJ-2hLmxmIq5pp_VCQ4FR9G6-_N3tDpoj5d0ZDzZ4xMx-m2bwGiNYYJprETFzXf0NXnEWPntm_JP3OFzTo0G4z1ptfZowXvyBkP3KY9XkJnRlQd-XGN0Z0aUaFxXNX3rDu5jXKdpUaiVHKxy3ZGcmwcuX9mkjsLTrdEDjr0QP3LlZu4hd-pxQOfVRJqCvFFn-BWyXhfv4YQqA8vA7z_uuw_WOM1;pui=CQ8Cld2Xq9z1pVvqnbyA-6fla7r_yYst3p8szPs1HM3er1pltXZUmg2;;js=1;adfxid=8x;6682;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
71cb62c5ae0429e179c5709089dc751b44c89a9d63ef2147ef2516993004bed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3421
expires
-1
usync.js
eus.rubiconproject.com/ Frame 2AD6 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c1c8e331f9e57876bc58b18eafb957a7863b7fe164b059ad294fe87c908ce939

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84281
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 06 Jan 2022 05:18:09 GMT
/
track.adform.net/jsmetrics/ Frame 9030 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?adfserve=39&asset=21&sid=276&rid=10528&cid=33528
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=d76c2da8c12daa85f1437d954f94f8847&cb=9868501641362007133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 13:47:50 GMT
server
nginx
etag
"5784f506-2b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
43
eksdh605elp4
ad.ad-srv.net/zone/ Frame 3194 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/zone/eksdh605elp4?subid=1755969044014056067&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=ADFORM_SSP:2464&extVar[]=ADFORM_DEAL:&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D29848506%3Bcrtbwp%3D6i-gTd0CRl_NbdXuAN-eSuhoFNM0duIs0%3Bcrtbdata%3DeIaUb2LkWH3N4wLcu-mhYLgp1kTxJrlssi9jaAo6DEPgcuZ5JxJk67Kp2roO6C5QYiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8in3Y1mYYrgcf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h1dLGKgqE2dTjzXwoo_5AOWDgW8xC4iSGv--J9fBrWOIPYINfYS2gbIUrgTfZ5YbBDSMVhztckDLdj3ABadpNQ0%3Badfibeg%3D0%3Bcdata%3DdRMSWUFXud8SR9aSkl7IFxX5u_jltkcBt6yQai50qQ2Yaw3g2oYQwPK2IVJ_EYQrLzlEG34cFtm2caLdAVTuB3PXmYUAPADzfFpWph-XsVgAi202Irm-QiewlGOyKqbX04oPlsmoZHdLBmfU3vZW4ifyihBHUGtOF5kJaqCy6R6OnfTt5I7DdkgmzpgIlYr19ee0vC5Qr89a53DH7siR6mcD5cQEkUHeZSutLuR0vckwA3YpllK5CPPJgnJtfXvXqL1T0nMbHyWear1og7imtCW5ZJlqRvSYjPqXl7DcAeWRazMCMmWo0hl6tj4WQo9cqv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxba_BNuQynwosM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3879f21a4e923ba893952714add6f2081fba0fa2316ddde78dbebc6fcd0595d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:28 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3594
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
/
track.adform.net/csimpr/ Frame 3194 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=29848506&csi=aNxRk8ydA10WlB7knNDdXCCTJO_w7x5Ean4y8Rcs8PEJDwKV3Zer3PWlW-qdvID7oYlgkkk0BOIFUq7Oa373GCh7NyCYRSBYqe6r9bmqmQoDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
b2
sb.scorecardresearch.com/ Frame 972E
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008436&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D1a0c8985ce32a...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008436&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D1a0c8985ce32...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008436&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D1a0c8985ce32a33755c3d97ef8fe86d19%26cb%3D8861991641362007139&c9=
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1a0c8985ce32a33755c3d97ef8fe86d19&cb=8861991641362007139
Protocol
H2
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
-xZeXjgzC9jCg4CnRBBtHQYu6wk8fG_K2p2ijLuEv8x6KVKLCFGN6Q==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 05 Jan 2022 05:53:28 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008436&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D1a0c8985ce32a33755c3d97ef8fe86d19%26cb%3D8861991641362007139&c9=
content-length
271
x-amz-cf-id
kGuaxNyey3LlFNk0i5vIHKwvvotVG_mq-6KmKtMOx_OM4oaxVjHvJg==
b2
sb.scorecardresearch.com/ Frame CD5A
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008437&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fcounter%3Fi%3Du1dvjpo9e55sy80hm5%26a%3Dc875f76156...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008437&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fcounter%3Fi%3Du1dvjpo9e55sy80hm5%26a%3Dc875f7615...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008437&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fcounter%3Fi%3Du1dvjpo9e55sy80hm5%26a%3Dc875f76156c3307c45687011d2d8e2cf3%26cb%3D2932131641362007142&c9=
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=c875f76156c3307c45687011d2d8e2cf3&cb=2932131641362007142
Protocol
H2
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
46HSRbkaM7SsD7x9F8teJHZls0BjCg-H0ELVHwBUYfAE_H4AtcG3SQ==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 05 Jan 2022 05:53:28 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1641362008437&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Frunwaff.com%2Fcounter%3Fi%3Du1dvjpo9e55sy80hm5%26a%3Dc875f76156c3307c45687011d2d8e2cf3%26cb%3D2932131641362007142&c9=
content-length
274
x-amz-cf-id
CjtCHt019W94dvxD9DNCBcYZCvs2if9xMus6hhPMWKKK5u2yRpg2Ew==
r62eglto.js
ad4m.at/ Frame 0EE5 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53776
x-guploader-uploadid
ADPycds6xAeFWbbWEvU34c76wqZ6Uxs1GTy-euZYH4zJobwPF3Qidd4fiw7zIGV5CundB_9FWWC12I6-b27q8HCRxPV8dczneQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LIeysBCAr8L7Pb0J%2BtOBtvbDEu7NhoNyo07PwjjEai98eet7VEdljlQvLYXT%2BWng0amYRcUyGuqVFtslbGe6Z36KHIGoul0%2Bby2jGQJX829pzTip4cGQxTuRLjfCWZYqYNslP8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Tue, 04 Jan 2022 14:57:12 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c8a724938ef7187-LHR
cf-bgj
minify
/
track.adform.net/csimpr/ Frame 0EE5 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=41375921&csi=o5JDrGNqdLoAgB616pgClbcQ9SmVCTG24GsI4uB3-00JDwKV3Zer3PWlW-qdvID7uJe6WwTCgqqG3mH01drhRih7NyCYRSBYqe6r9bmqmQoDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/jsmetrics/ Frame F691 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?adfserve=37&asset=25&sid=276&rid=10528&cid=33528
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=9f8bdfdac88cc4de95ab77e8feb3ba165&cb=6424461641362007135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 12 Jul 2016 13:47:50 GMT
server
nginx
etag
"5784f506-2b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
43
request.php
ad28.ad-srv.net/ Frame 3194
Redirect Chain
  • https://ad28.ad-srv.net/request.php?zone=eksdh605elp4&nw=14&renderingType=javascript&namespace=b59969a15c&subid=1755969044014056067&uid=609d6f4854258d4a&screenSize=1600x1200&screenSizeAvail=1600x12...
  • https://ad28.ad-srv.net/request.php?zone=eksdh605elp4&nw=14&renderingType=javascript&namespace=b59969a15c&subid=1755969044014056067&uid=609d6f4854258d4a&screenSize=1600x1200&screenSizeAvail=1600x12...
599 B
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad28.ad-srv.net/request.php?zone=eksdh605elp4&nw=14&renderingType=javascript&namespace=b59969a15c&subid=1755969044014056067&uid=609d6f4854258d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&extVar[]=ADFORM_SSP%3A2464&extVar[]=ADFORM_DEAL%3A&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D29848506%3Bcrtbwp%3D6i-gTd0CRl_NbdXuAN-eSuhoFNM0duIs0%3Bcrtbdata%3DeIaUb2LkWH3N4wLcu-mhYLgp1kTxJrlssi9jaAo6DEPgcuZ5JxJk67Kp2roO6C5QYiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8in3Y1mYYrgcf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h1dLGKgqE2dTjzXwoo_5AOWDgW8xC4iSGv--J9fBrWOIPYINfYS2gbIUrgTfZ5YbBDSMVhztckDLdj3ABadpNQ0%3Badfibeg%3D0%3Bcdata%3DdRMSWUFXud8SR9aSkl7IFxX5u_jltkcBt6yQai50qQ2Yaw3g2oYQwPK2IVJ_EYQrLzlEG34cFtm2caLdAVTuB3PXmYUAPADzfFpWph-XsVgAi202Irm-QiewlGOyKqbX04oPlsmoZHdLBmfU3vZW4ifyihBHUGtOF5kJaqCy6R6OnfTt5I7DdkgmzpgIlYr19ee0vC5Qr89a53DH7siR6mcD5cQEkUHeZSutLuR0vckwA3YpllK5CPPJgnJtfXvXqL1T0nMbHyWear1og7imtCW5ZJlqRvSYjPqXl7DcAeWRazMCMmWo0hl6tj4WQo9cqv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxba_BNuQynwosM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D8fea93fb728874b1628b7aac65a76abf5%26cb%3D5502431641362007132&ancestorOrigins=https%3A%2F%2Frunwaff.com%2Chttps%3A%2F%2Frunwaff.com%2Chttps%3A%2F%2Fww3.read7deadlysins.com&random=207303658993&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=8fea93fb728874b1628b7aac65a76abf5&cb=5502431641362007132
Protocol
HTTP/1.1
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
544a55db3346afee34cf2d46dd48d7fc2dc8718ebcae2e84d006500d721a5772

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
41621600054934500975154011830028
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
324
Expires
Wed, 05 Jan 2022 05:53:28 +0100

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=eksdh605elp4&nw=14&renderingType=javascript&namespace=b59969a15c&subid=1755969044014056067&uid=609d6f4854258d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&extVar[]=ADFORM_SSP%3A2464&extVar[]=ADFORM_DEAL%3A&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D29848506%3Bcrtbwp%3D6i-gTd0CRl_NbdXuAN-eSuhoFNM0duIs0%3Bcrtbdata%3DeIaUb2LkWH3N4wLcu-mhYLgp1kTxJrlssi9jaAo6DEPgcuZ5JxJk67Kp2roO6C5QYiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8in3Y1mYYrgcf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h1dLGKgqE2dTjzXwoo_5AOWDgW8xC4iSGv--J9fBrWOIPYINfYS2gbIUrgTfZ5YbBDSMVhztckDLdj3ABadpNQ0%3Badfibeg%3D0%3Bcdata%3DdRMSWUFXud8SR9aSkl7IFxX5u_jltkcBt6yQai50qQ2Yaw3g2oYQwPK2IVJ_EYQrLzlEG34cFtm2caLdAVTuB3PXmYUAPADzfFpWph-XsVgAi202Irm-QiewlGOyKqbX04oPlsmoZHdLBmfU3vZW4ifyihBHUGtOF5kJaqCy6R6OnfTt5I7DdkgmzpgIlYr19ee0vC5Qr89a53DH7siR6mcD5cQEkUHeZSutLuR0vckwA3YpllK5CPPJgnJtfXvXqL1T0nMbHyWear1og7imtCW5ZJlqRvSYjPqXl7DcAeWRazMCMmWo0hl6tj4WQo9cqv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxba_BNuQynwosM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D8fea93fb728874b1628b7aac65a76abf5%26cb%3D5502431641362007132&ancestorOrigins=https%3A%2F%2Frunwaff.com%2Chttps%3A%2F%2Frunwaff.com%2Chttps%3A%2F%2Fww3.read7deadlysins.com&random=207303658993&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 05 Jan 2022 05:53:28 +0100
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 9030 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:16:44 GMT
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 3194 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ea3752b1e50ae383ababb6da6c0c8a55f1137dd7ddf9e9034b3673e76a14a9d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:19:59 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DCE4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Dec 2022 05:53:28 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame DCE4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Dec 2022 05:53:28 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DCE4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 31 Dec 2022 05:53:28 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame DCE4 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sat, 31 Dec 2022 05:53:28 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame DCE4 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=SDLkZkgZQg_XJqijjNhgwayGK0TkGkKRc9ztpuuYtqa-VCHNMFTgSMUREEhY_c7OjWLzdSl6kyO5S1hCkofX9A4Aq9JkER6SFe53cXgeg0HcyRColNbafH_bLjvePgqFdQx8hKZ2XKM92yjdTGx4qLahjEUsueZSXN4R14bP-k-B7CeSbOckg1GlyeqeMHyct-y7WnRFjwSzXFxsKd4UWkZ6cI6b8yPHdZIKHic2xwmDNJ6muUFlp_UYTcmS2GaKNe5E1d3repB8TtV9-_3VN6djJbDU72ph66_3lfrRrPBhZfhZlctuLytDN_ARnghFwfRR4nB18AJvlWYcJmo9ZZNf1SB3X_AiZl3wqJ1wOG6fxejp_9DqjvwUuJuuclj5Kgf5gdw3gA4dnqh4EGyeQYiY5T-ppYrgLSaC7EIC5VwXt7GafezWjWGeIcMVw5vdnBK_8w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
8429
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
dis.aspx
widget.fr.eu.criteo.com/dis/ Frame 34C4 		28 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=7944&cb=61d53257b4885c1ad18a77509935d828
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/

Response headers

date
Wed, 05 Jan 2022 05:53:27 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
1926430
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DCE4 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4106721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iAUsQvk6do2oaPBDPvOqN1DsnG0emVT6g9GHmeJrrleSZ%2FZTn5rGyxQQE7Ik65nGPFf%2Bka3cdH2QoTZgEmMvt4w6%2Fh4jJWT7PfS2rLHt2rxWFo4megDnQdf4B18YY%2F2J%2FNsoxwO4X6oGfiIFFPpUyYh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c8a72495ff823df-ZRH
x-cache-tag
abcd1234
expires
Mon, 26 Dec 2022 05:53:28 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame E959 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:16:44 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 2871 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:16:44 GMT
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 0EE5 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ea3752b1e50ae383ababb6da6c0c8a55f1137dd7ddf9e9034b3673e76a14a9d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:19:59 GMT
animejs.js
static.criteo.net/animejs/ Frame DCE4 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Dec 2022 05:53:28 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame F691 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:16:44 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 9C1C 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:16:44 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 99FF 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.214/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 09:19:57 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 06 Jan 2022 09:16:44 GMT
img
pix.eu.criteo.net/img/ Frame DCE4 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=596&s=s6skhvwVhVv5jkxE8YVWIqPK
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b09b4568e6d05c7d8721203cf78dd283559194f22f72159d381b4e0a12c81641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 10:38:17 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1278911
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=28700720
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
15757
expires
Fri, 18 Nov 2022 15:03:37 GMT
img
pix.eu.criteo.net/img/ Frame DCE4 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
44bc4a17199ec4f353892cda3cdb02d401ba5fc9562aae091a1bf1f2fbf9151e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:06:02 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1162045
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535963
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
67224
expires
Thu, 22 Dec 2022 19:05:26 GMT
img
pix.eu.criteo.net/img/ Frame DCE4 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=400&s=U50QBZteurZUBwwnN0OH3RYn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1162158
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
70472
expires
Thu, 22 Dec 2022 19:04:08 GMT
all
csm.eu.criteo.net/ Frame DCE4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=-8arwF4vh09vIgWXTjgWFuo9kPJSviRbX8vwhaqD6kYck49_MCFZRuirh_imk5OZhVuhzFj9Ys3qv6yl3KSPkbaIaVvZTn7SSRRgAvLXXc_9HH6smifW55HMqcJV7OusZ40LAKsehuNz3i4ZY3Fs4Fp_1A6LRbW3LfxfsL_e6-uU453izSWP8H4KdyoUsdZDEb0Ln_YNPkHVFZ2qZT96A3wyGrQsvMnvqDkTJHgYmSuUfyO6KPrwV63geV9YAL5B0lEEIQ&sds=2&rev=79966.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 05 Jan 2022 05:53:28 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DCE4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Dec 2022 05:53:28 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DCE4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Dec 2022 05:53:28 GMT
/
track.adform.net/csimpr/ Frame 9030 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=46016408&csi=apqkr2KH9m811HtUqEfzMcRFGO-PtJF9WRSjb_0lSMkJDwKV3Zer3PWlW-qdvID7m4C8CqTQRwFSCJvTDkfIcSh7NyCYRSBYqe6r9bmqmQoDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
45106300.png
s1.adform.net/Banners/45106300/ Frame 9030 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/45106300/45106300.png?bv=2
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=d76c2da8c12daa85f1437d954f94f8847&cb=9868501641362007133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
72c2e9ee4b762a5633a0eb88b16e649a048dce07161bed007e6c20c2e7f17830
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Tue, 11 May 2021 09:42:38 GMT
server
nginx
etag
"609a518e-b3f8"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
46072
/
track.adform.net/csimpr/ Frame E959 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=49007064&csi=NDFzE-R947ME_GLs3KuEoY6EtlzvLGhQmTrLgBepWjQJDwKV3Zer3PWlW-qdvID7zjuhE0vX8KWfjew33-U9Qih7NyCYRSBYqe6r9bmqmQoDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
47156933.png
s1.adform.net/Banners/47156933/ Frame E959 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/47156933/47156933.png?bv=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9069755515590813e1289b482dc1ff0020b5b6e2e9fe3eb818f804816c2f65cf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Thu, 26 Aug 2021 05:48:18 GMT
server
nginx
etag
"61272b22-9b02"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
39682
/
track.adform.net/csimpr/ Frame 2871 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=43382956&csi=j17nb0Jj_fcyA13lnJmZHUfh2A9TsQ2WR-omk6CYFHcJDwKV3Zer3PWlW-qdvID7yxRLADCPoPL3XiDeHkg1TSh7NyCYRSBYqe6r9bmqmQoDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
43115362.png
s1.adform.net/Banners/43115362/ Frame 2871 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/43115362/43115362.png?bv=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cd239fd6a76b8fdf6cb8a312fb6b8144b98e448747b6e59fe0a2dbaaef567fe8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Mon, 18 Jan 2021 08:48:11 GMT
server
nginx
etag
"60054b4b-8742"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
34626
frame.html
ad4m.at/ Frame 54D5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdusQCqzcste1viCqMs7-kvhCU53qtagBe5jRkcNXM8HNpNb8ST3HovydtM60MtU4rkxOvwPs0_Yjruykegksvg
expires
Wed, 05 Jan 2022 06:53:28 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
770872
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SF65g%2FTU01M62Ay6UHX7zzjELDKvPNT4TA%2BzimY%2FNXHgf4ynINYYNl%2FutrkSblB55xwg01d7qmsH4wrUrjnZ1%2BD9q1yTHjtyFoR2EAUvxqrJoRx%2FMY2WBN35QBSx5O%2FsRXd3%2FOs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c8a7249fef07535-LHR
content-encoding
br
/
track.adform.net/csimpr/ Frame F691 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=43813379&csi=C955p1NKudokr4Ia4skUcBw0n3eBMZR6ufJBfD_7ijoJDwKV3Zer3PWlW-qdvID76N3QF5Z_ZOiCDLrKluiQdyh7NyCYRSBYqe6r9bmqmQoDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
43442234.png
s1.adform.net/Banners/43442234/ Frame F691 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/43442234/43442234.png?bv=2
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=9f8bdfdac88cc4de95ab77e8feb3ba165&cb=6424461641362007135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a6168f36f6f2deec7cc756b7c15ecc59dfd5c22fee91dc0f751d100d9b9ac19d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Wed, 03 Feb 2021 07:41:30 GMT
server
nginx
etag
"601a53aa-b690"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
46736
css
fonts.googleapis.com/ Frame DCE4 		2 KB
1009 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 04:14:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 05 Jan 2022 05:53:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jan 2022 05:53:28 GMT
/
track.adform.net/csimpr/ Frame 9C1C 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=48901592&csi=j17nb0Jj_ff-GgnQXAmnp4aAWwGG9Ivowe56ASJGVTYJDwKV3Zer3PWlW-qdvID7FqdpCEESbEHWjmJUrlULCCh7NyCYRSBYqe6r9bmqmQoDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
47499581.png
s1.adform.net/Banners/47499581/ Frame 9C1C 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/47499581/47499581.png?bv=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
aa15cf00e552a8a99c53e259baab856bcdad5c3434442766aefab47685b30c0c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Mon, 23 Aug 2021 08:47:19 GMT
server
nginx
etag
"61236097-92f3"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
37619
/
track.adform.net/csimpr/ Frame 99FF 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=44599442&csi=5qqDArG_Mu6_bwSNwKrLIPdLpMz8ZQXL9BqPMt5sOrgJDwKV3Zer3PWlW-qdvID7KirwIpCZtCiHLC0DwM0qDSh7NyCYRSBYqe6r9bmqmQoDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://runwaff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
43961711.png
s1.adform.net/Banners/43961711/ Frame 99FF 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/43961711/43961711.png?bv=2
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=84cb9494c74b11c9c2dbca056fd5c2803&cb=2049371641362007138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5b1e544dcbfc9fda162cb503b33ac6f825a7737368c0a7dc19d45e91e2069471
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
last-modified
Thu, 11 Mar 2021 07:57:35 GMT
server
nginx
etag
"6049cd6f-17b7d"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
97149
request_content.php
ad28.ad-srv.net/ Frame 463B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad28.ad-srv.net/request_content.php?s=41621600054934500975154011830028&a=d419e564
Requested by
Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request.php?zone=eksdh605elp4&nw=14&renderingType=javascript&namespace=b59969a15c&subid=1755969044014056067&uid=609d6f4854258d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&extVar[]=ADFORM_SSP%3A2464&extVar[]=ADFORM_DEAL%3A&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D29848506%3Bcrtbwp%3D6i-gTd0CRl_NbdXuAN-eSuhoFNM0duIs0%3Bcrtbdata%3DeIaUb2LkWH3N4wLcu-mhYLgp1kTxJrlssi9jaAo6DEPgcuZ5JxJk67Kp2roO6C5QYiWgTXo7kJyWzXMPTJVfsc1Nc-wqG6-8in3Y1mYYrgcf5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhD1ZSSffk6Wk32ffiUnjj5h1dLGKgqE2dTjzXwoo_5AOWDgW8xC4iSGv--J9fBrWOIPYINfYS2gbIUrgTfZ5YbBDSMVhztckDLdj3ABadpNQ0%3Badfibeg%3D0%3Bcdata%3DdRMSWUFXud8SR9aSkl7IFxX5u_jltkcBt6yQai50qQ2Yaw3g2oYQwPK2IVJ_EYQrLzlEG34cFtm2caLdAVTuB3PXmYUAPADzfFpWph-XsVgAi202Irm-QiewlGOyKqbX04oPlsmoZHdLBmfU3vZW4ifyihBHUGtOF5kJaqCy6R6OnfTt5I7DdkgmzpgIlYr19ee0vC5Qr89a53DH7siR6mcD5cQEkUHeZSutLuR0vckwA3YpllK5CPPJgnJtfXvXqL1T0nMbHyWear1og7imtCW5ZJlqRvSYjPqXl7DcAeWRazMCMmWo0hl6tj4WQo9cqv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxba_BNuQynwosM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D8fea93fb728874b1628b7aac65a76abf5%26cb%3D5502431641362007132&ancestorOrigins=https%3A%2F%2Frunwaff.com%2Chttps%3A%2F%2Frunwaff.com%2Chttps%3A%2F%2Fww3.read7deadlysins.com&random=207303658993&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
db459d8bdb50d45f7ff93bc826731c3ffd8a51e13262e8ced73d23bbcf68a3fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/

Response headers

Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 05 Jan 2022 05:53:28 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1976
Connection
close
Content-Type
text/html; charset=utf-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 463B 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=41621600054934500975154011830028&a=d419e564
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad28.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 10:17:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jan 2023 10:17:56 GMT
777bd5a420f1e98fea27d5856f0aeebc
pv.medialead.de/trck/epv/ Frame 463B 		699 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/777bd5a420f1e98fea27d5856f0aeebc?subid=41621600054934500975154011830028&ctrack=https%3A%2F%2Fad28.ad-srv.net%2Fc%2Fp53cdf3n6a6xrrf%3Ftprde%3D
Requested by
Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=41621600054934500975154011830028&a=d419e564
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 / PHP/7.2.21
Resource Hash
49efb86babfe0e5527001375fb8eedd75d0e675404b418dd897528ec076debfb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains;preload, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad28.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
nginx/1.17.5
X-IPLB-Request-ID
B9D59BB0:A4A6_91EFC182:01BB_61D53258_6B60644:297E9
X-Powered-By
PHP/7.2.21
X-IPLB-Instance
40028
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-control
private
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive
timeout=20
rs
ad4m.at/ Frame 0EE5 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5744342f5a6bdf5d455c27939d8d8bbf129730e95460a630d650a1900db7ad2e

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c8a724acb7c770b-LHR
date
Wed, 05 Jan 2022 05:53:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yps1b7FYL7OFSZBYxeuPboFochkAGBBpLG73mc6j7ymOPQ0BU9ZAg56QmXY%2FGDRLB4Vgrk99M58m1ihIVhmEeLGMPRRvBvRfAfKC6TKJGmHYsYY1bBUgVhFhN0wVH0nj9xrBB8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://runwaff.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-9z0n
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://runwaff.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://runwaff.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-9z0n
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FVxbQt1LQIHQUP3R%2FCpTgTsBn5TnJSQb4ujElXhvDGf8mYpQXSjnE1Bm7h4bSb3kp5xA%2BXG%2FLFsSJaNj%2BfOZaDfmxs2okrIE8fmC71x9Utl%2F3zuq%2FO9JXI%2BwmkqOfJuIzsK6E0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c8a724a8b44770b-LHR
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame DCE4 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:17:17 GMT
x-content-type-options
nosniff
age
117371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 03 Jan 2023 21:17:17 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame DCE4 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:03:04 GMT
x-content-type-options
nosniff
age
57024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 14:03:04 GMT
rar
as.ad4m.at/ad/ Frame A53D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=48871&b=gVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTe&f=BjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcM&c=300&d=250&e=&g=8c14d4ed3e9e0cdfa7dabf9b240bd64b%2F4124043073926145936&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641362008775&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375921%3Bcrtbwp%3DjTJEi6lyVxRwvACUNAplWEOZ5ysc03F20%3Bcrtbdata%3DeIaUb2LkWH3-srK2ChVBBC1AMwqcsMUTh6P1sGvY7k5JKsVnUzQWEdZoOBUBnOpYXmv6k211kQhRZjjBC_FqK4Fb9fToB8oeAQrYnxFrob4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhJqpZASsq0l1aBb-2WH07DVGL1Hfy9ipk4ZBSecTgptce-ONHm7yzHXqRuxXzxMlB8Llox8AxerrY13RjTVWgtclyyK68maFQ3DUggotq2NGW1Ex4yIw8Tg1%3Badfibeg%3D0%3Bcdata%3DsDSga7UIWsUSR9aSkl7IFxX5u_jltkcBt6yQai50qQ1VMk3-ue_YyRh_H0HwcdxioVYNgMpU_bW2caLdAVTuB_yTR9pqGRlbq3q9aAJ7oUkc2KoPXmXGu35TGdD_LVfEuAl4_azxGJ_hX--73ctyaEP66xFYBxBKV_kuSIP1Hy0jX8lBZJUxBMgPTkQKWv-V9F4FSgop3u9wFc3i0qijye6cTLN33yP8VgWaNeUee1rGyxsoX2UP0QRO5z1Lu3PGEqENjM7Ub2Wear1og7imtCW5ZJlqRvSYjPqXl7DcAeW0Gza1ke3d6USS52OAZXk_qv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxUhzUWyRXs53sM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dfb31642524b13302ab1b4b641ff07d2781816519fdf0678d6e853632dcc2b0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8a724b1a727187-LHR
content-encoding
br
viewability
ad28.ad-srv.net/ Frame 463B 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad28.ad-srv.net/viewability?s=41621600054934500975154011830028&a=d0e3e888&vb=m
Requested by
Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=41621600054934500975154011830028&a=d419e564
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad28.ad-srv.net/request_content.php?s=41621600054934500975154011830028&a=d419e564
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:28 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
async.php
platform.bidgear.com/ Frame 02BF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.bidgear.com/async.php?domainid=1042&sizeid=2&zoneid=2125&k=5c00c68a67ca2
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=3191181510d1c5163e53c1097b6d94293&cb=3780511641362007136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5773a61260f9b0feb6cf93e4f25a568108704c08b169468bf21d26a09d5dda5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fNYbaSeoL%2F3OoNA1tM7TPT1FWEzZkDwz%2BLUyeuOAlZqFyOg9TQJysBzoilzpcyzfMxrvYFsZosyf9yAGG%2BTokam5CCyN9jde519Z%2FaelbPeoLQlnb2xBC9gZeRqEQHNC%2B0r41vg6WnY5kX2WUnnUTeC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6c8a724b3d99755a-LHR
expires
0
view.aspx
pb.media01.eu/ Frame 86EA 		0
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50149&dt_subid2=41621600054934500975154011830028&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/777bd5a420f1e98fea27d5856f0aeebc?subid=41621600054934500975154011830028&ctrack=https%3A%2F%2Fad28.ad-srv.net%2Fc%2Fp53cdf3n6a6xrrf%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad28.ad-srv.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 05 Jan 2022 06:53:19 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 05 Jan 2022 05:53:19 GMT
content-length
0
pb_ratenkredit_300x250.gif
ad-server.eu/wm/pb/rate/aktion/ Frame 463B 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_300x250.gif
Requested by
Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=41621600054934500975154011830028&a=d419e564
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
4191a6f79f2ccb9dd509b26ee9de69234c8de6b927e564c7fcb7970b591bd15c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad28.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:58:30 GMT
Last-Modified
Mon, 20 Dec 2021 12:36:45 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"61c078dd-9bd4"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39892
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A53D 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=48871&b=gVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTe&f=BjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcM&c=300&d=250&e=&g=8c14d4ed3e9e0cdfa7dabf9b240bd64b%2F4124043073926145936&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641362008775&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375921%3Bcrtbwp%3DjTJEi6lyVxRwvACUNAplWEOZ5ysc03F20%3Bcrtbdata%3DeIaUb2LkWH3-srK2ChVBBC1AMwqcsMUTh6P1sGvY7k5JKsVnUzQWEdZoOBUBnOpYXmv6k211kQhRZjjBC_FqK4Fb9fToB8oeAQrYnxFrob4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhJqpZASsq0l1aBb-2WH07DVGL1Hfy9ipk4ZBSecTgptce-ONHm7yzHXqRuxXzxMlB8Llox8AxerrY13RjTVWgtclyyK68maFQ3DUggotq2NGW1Ex4yIw8Tg1%3Badfibeg%3D0%3Bcdata%3DsDSga7UIWsUSR9aSkl7IFxX5u_jltkcBt6yQai50qQ1VMk3-ue_YyRh_H0HwcdxioVYNgMpU_bW2caLdAVTuB_yTR9pqGRlbq3q9aAJ7oUkc2KoPXmXGu35TGdD_LVfEuAl4_azxGJ_hX--73ctyaEP66xFYBxBKV_kuSIP1Hy0jX8lBZJUxBMgPTkQKWv-V9F4FSgop3u9wFc3i0qijye6cTLN33yP8VgWaNeUee1rGyxsoX2UP0QRO5z1Lu3PGEqENjM7Ub2Wear1og7imtCW5ZJlqRvSYjPqXl7DcAeW0Gza1ke3d6USS52OAZXk_qv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxUhzUWyRXs53sM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&y=0&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=48871&b=gVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTe&f=BjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcM&c=300&d=250&e=&g=8c14d4ed3e9e0cdfa7dabf9b240bd64b%2F4124043073926145936&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641362008775&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375921%3Bcrtbwp%3DjTJEi6lyVxRwvACUNAplWEOZ5ysc03F20%3Bcrtbdata%3DeIaUb2LkWH3-srK2ChVBBC1AMwqcsMUTh6P1sGvY7k5JKsVnUzQWEdZoOBUBnOpYXmv6k211kQhRZjjBC_FqK4Fb9fToB8oeAQrYnxFrob4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhJqpZASsq0l1aBb-2WH07DVGL1Hfy9ipk4ZBSecTgptce-ONHm7yzHXqRuxXzxMlB8Llox8AxerrY13RjTVWgtclyyK68maFQ3DUggotq2NGW1Ex4yIw8Tg1%3Badfibeg%3D0%3Bcdata%3DsDSga7UIWsUSR9aSkl7IFxX5u_jltkcBt6yQai50qQ1VMk3-ue_YyRh_H0HwcdxioVYNgMpU_bW2caLdAVTuB_yTR9pqGRlbq3q9aAJ7oUkc2KoPXmXGu35TGdD_LVfEuAl4_azxGJ_hX--73ctyaEP66xFYBxBKV_kuSIP1Hy0jX8lBZJUxBMgPTkQKWv-V9F4FSgop3u9wFc3i0qijye6cTLN33yP8VgWaNeUee1rGyxsoX2UP0QRO5z1Lu3PGEqENjM7Ub2Wear1og7imtCW5ZJlqRvSYjPqXl7DcAeW0Gza1ke3d6USS52OAZXk_qv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxUhzUWyRXs53sM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
566904
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 29 Dec 2021 16:25:04 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c8a724b6ff77535-LHR
cf-bgj
minify
tb.php
www.telefonica-partner.de/ Frame A53D 		683 B
483 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telefonica-partner.de/tb.php?t=117665V1225138148F&click=&subid=oneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=48871&b=gVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTe&f=BjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcM&c=300&d=250&e=&g=8c14d4ed3e9e0cdfa7dabf9b240bd64b%2F4124043073926145936&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641362008775&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375921%3Bcrtbwp%3DjTJEi6lyVxRwvACUNAplWEOZ5ysc03F20%3Bcrtbdata%3DeIaUb2LkWH3-srK2ChVBBC1AMwqcsMUTh6P1sGvY7k5JKsVnUzQWEdZoOBUBnOpYXmv6k211kQhRZjjBC_FqK4Fb9fToB8oeAQrYnxFrob4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhJqpZASsq0l1aBb-2WH07DVGL1Hfy9ipk4ZBSecTgptce-ONHm7yzHXqRuxXzxMlB8Llox8AxerrY13RjTVWgtclyyK68maFQ3DUggotq2NGW1Ex4yIw8Tg1%3Badfibeg%3D0%3Bcdata%3DsDSga7UIWsUSR9aSkl7IFxX5u_jltkcBt6yQai50qQ1VMk3-ue_YyRh_H0HwcdxioVYNgMpU_bW2caLdAVTuB_yTR9pqGRlbq3q9aAJ7oUkc2KoPXmXGu35TGdD_LVfEuAl4_azxGJ_hX--73ctyaEP66xFYBxBKV_kuSIP1Hy0jX8lBZJUxBMgPTkQKWv-V9F4FSgop3u9wFc3i0qijye6cTLN33yP8VgWaNeUee1rGyxsoX2UP0QRO5z1Lu3PGEqENjM7Ub2Wear1og7imtCW5ZJlqRvSYjPqXl7DcAeW0Gza1ke3d6USS52OAZXk_qv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxUhzUWyRXs53sM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&y=0&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
Software
nginx /
Resource Hash
414048c388b6104400e84dda10c4ffdb0588a0f2a83ea4b9154adc555b22feaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
application/javascript
/
c.adskeeper.co.uk/pv/ Frame ACC5 		0
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.co.uk/pv/?tcfV2=1&pv=5&cbuster=1641362008888355297826&uniqId=04379&consentData=&gdprApplies=1&uspString=1---&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fww3.read7deadlysins.com&lu=https%3A%2F%2Fww3.read7deadlysins.com%2F&sessionId=61d53259-0fd03&pageView=1&pvid=17e28ccab388e9523ff&site=551062&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/b/i/bidgear.readnaruto.com.842741.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c8a724bcc0e233d-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame ACC5 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
content-encoding
br
cf-cache-status
HIT
age
1091
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
Z1NEY4EWTSEDFNSB
x-amz-id-2
EEuLoh9eflzGp6rqTw8VJ0YSUpsFSdb72Qk0bcf4ixVOqJD941WQCPYz2AVdSr9QbW9w8Ju++9o=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6c8a724bcc03233d-ZRH
expires
Wed, 05 Jan 2022 09:53:28 GMT
/
partner.blau.de/blau/ Frame A589 		1 KB
896 B 		Document
General
Check archive.org
Download Go to
Full URL
https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138148FSoneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros&camp=channel7&size=300x250&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138148F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138148F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros%26deepurl%3D
Requested by
Host: www.telefonica-partner.de
URL: https://www.telefonica-partner.de/tb.php?t=117665V1225138148F&click=&subid=oneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads4.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9f4a0164ec545f6c1d0b5f083d10574d9717160e9d669d148810f9d929c5debb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Wed, 05 Jan 2022 05:53:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
Vary
Accept-Encoding
Content-Encoding
gzip
/
partner.blau.de/a/ Frame CB48
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117665V1225131106M&subid=oneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117665V1225131106M&subid=oneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2022010506532861507417127X117665V1225131106MSoneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros
49 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2022010506532861507417127X117665V1225131106MSoneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=48871&b=gVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTe&f=BjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcM&c=300&d=250&e=&g=8c14d4ed3e9e0cdfa7dabf9b240bd64b%2F4124043073926145936&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641362008775&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375921%3Bcrtbwp%3DjTJEi6lyVxRwvACUNAplWEOZ5ysc03F20%3Bcrtbdata%3DeIaUb2LkWH3-srK2ChVBBC1AMwqcsMUTh6P1sGvY7k5JKsVnUzQWEdZoOBUBnOpYXmv6k211kQhRZjjBC_FqK4Fb9fToB8oeAQrYnxFrob4f5t3JOaB1LilFVdOxSY4_fSyHo1WJjnUNjlQW2APB28TnC1Fg-I-hjk4f5IofKguQWvFgxpEjrzlx07LCOw6XyY0zOuPWI9cS3-fv7Y_HX_3v8dpLNMXt0OQAtQMnnmVCxuJU7JlJLR_WsBdvEe2PF3OSmEMjUjCwamQA54eJhJqpZASsq0l1aBb-2WH07DVGL1Hfy9ipk4ZBSecTgptce-ONHm7yzHXqRuxXzxMlB8Llox8AxerrY13RjTVWgtclyyK68maFQ3DUggotq2NGW1Ex4yIw8Tg1%3Badfibeg%3D0%3Bcdata%3DsDSga7UIWsUSR9aSkl7IFxX5u_jltkcBt6yQai50qQ1VMk3-ue_YyRh_H0HwcdxioVYNgMpU_bW2caLdAVTuB_yTR9pqGRlbq3q9aAJ7oUkc2KoPXmXGu35TGdD_LVfEuAl4_azxGJ_hX--73ctyaEP66xFYBxBKV_kuSIP1Hy0jX8lBZJUxBMgPTkQKWv-V9F4FSgop3u9wFc3i0qijye6cTLN33yP8VgWaNeUee1rGyxsoX2UP0QRO5z1Lu3PGEqENjM7Ub2Wear1og7imtCW5ZJlqRvSYjPqXl7DcAeW0Gza1ke3d6USS52OAZXk_qv9gqllUtSxAKwVVbEeREbVQbZbzrmzhTglJW9--6G_ZqeQfMPMoxUhzUWyRXs53sM_3YFrgWirZqeQfMPMoxRUOtpmCg3fz0%3B%3BCREFURL%3Dhttps%253a%252f%252fww3.read7deadlysins.com%3BC%3D1%3Bcpdir%3D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads4.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Wed, 05 Jan 2022 05:53:29 GMT
Content-Type
image/gif
Content-Length
49
Connection
keep-alive
Keep-Alive
timeout=10
X-NODEIP
46.4.62.19
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"

Redirect headers

server
nginx
date
Wed, 05 Jan 2022 05:53:28 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2022010506532861507417127X117665V1225131106MSoneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bebi_v3.js
st.bebi.com/ Frame 3086 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.bebi.com/bebi_v3.js
Requested by
Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad05740966a78657cf685251d6aea88a1e8f9df8355707c82bd727d62133011f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=lRAK1w==, md5=ttbjdiSWQ0hL79dSLd400g==
date
Wed, 05 Jan 2022 05:53:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14
x-guploader-uploadid
ADPycdtcb3Eh2S8NtlF9fC2ICu9cXIzvYrN1lauN50GTax_vZljx6EcUtmZu5PhlEY-QCPwM4ouwxmnBIYwHaZ8ubGippwEiEA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 12 Aug 2020 11:05:22 GMT
server
cloudflare
etag
W/"b6d6e376249643484befd7522dde34d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1bDFkZoS7jlzx9Du9ShGP2U7TKi0iexoMG14psrK%2B3w2L8TjZhqTYmOOIMRiknPxiOIZ6MRNLDjfkC9I%2FtF5VF72tciAxs17PrmuS50XEMlmfC3htkloehQdzSjwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1597230322238727
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
136055
cf-ray
6c8a724c3bb671a5-LHR
expires
Wed, 05 Jan 2022 06:53:15 GMT
rec
imp9.bidgear.com/ Frame 3086 		599 B
899 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imp9.bidgear.com/rec?t=1&z=2125&uuid=0f5fca75d4a04e8cb0b30361d256af5a&p=29&g=DE&token=4a44335432&tbg=1641362008
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=3191181510d1c5163e53c1097b6d94293&cb=3780511641362007136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=3191181510d1c5163e53c1097b6d94293&cb=3780511641362007136
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE634KnxossRiKqKnY5mbHnTClMHoHjk2jAH6SoCgtxxg9PSa%2B1O9PrQPiPu%2BpRj%2B%2FFo4H6Je11luH6KyKqWX5HJsy2g4dk90hV9usj7C2nAdJkZ19xFRFOCf0Yp06x7uSuwE6MLmXstVL2Rj3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
6c8a724bee16755a-LHR
content-length
599
b15.png
platform.bidgear.com/media/img/ Frame 3086 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.bidgear.com/media/img/b15.png
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=3191181510d1c5163e53c1097b6d94293&cb=3780511641362007136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71529d12a50c366935078936f9533606bff2f00e195f62a78772cca16b7ca247

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:28 GMT
cf-cache-status
HIT
last-modified
Thu, 20 Aug 2020 03:15:55 GMT
server
cloudflare
age
943665
etag
W/"5f3deaeb-17f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMaVM%2BOv1T4a%2FeNZLZXqJGeKO1YcP3hP61Wg7Twg7hxyPSzu9wEva41soKgrSINBx6ghJCvYUefZ33kUGsxjzoJ6yPvyrZYBvlhZNs0sAEvyVj%2FHRCRR29BgP8w4lD0HWKCtihYYcbutUBH0jXb1AlR0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c8a724bee17755a-LHR
expires
Sun, 19 Dec 2021 00:46:57 GMT
1
servicer.adskeeper.co.uk/842741/ Frame ACC5 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.co.uk/842741/1?tcfV2=1&pv=5&cbuster=1641362008961228975014&uniqId=04379&consentData=&gdprApplies=1&uspString=1---&niet=4g&nisd=false&jsv=es6&w=700&h=226&cols=3&ref=&cxurl=https%3A%2F%2Fww3.read7deadlysins.com&lu=https%3A%2F%2Fww3.read7deadlysins.com%2F&sessionId=61d53259-0fd03&pageView=1&pvid=17e28ccab388e9523ff&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/b/i/bidgear.readnaruto.com.842741.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c25ae26967cbdd3301928452b59f3cd0225635b3685a3deb9fa4a66dfc1a15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c8a724c4c7c233d-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
json
trc.taboola.com/read7deadlysins300x250gr-r18292685/trc/3/ Frame 972E 		31 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/read7deadlysins300x250gr-r18292685/trc/3/json?tim=05%3A53%3A29.023&lti=deflated&data=%7B%22id%22%3A73%2C%22ii%22%3A%22%2Fsync%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1641362009021%2C%22cv%22%3A%2220200607-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frunwaff.com%2Fsync%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D1a0c8985ce32a33755c3d97ef8fe86d19%26cb%3D8861991641362007139%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D1a0c8985ce32a33755c3d97ef8fe86d19%26cb%3D8861991641362007139%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218292685%22%2C%22orig_uip%22%3A%2218292685%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200607-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Wed, 05 Jan 2022 05:53:29 GMT
content-encoding
gzip
server
nginx
x-timer
S1641362009.032344,VS0,VE10
x-served-by
cache-hhn4071-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
text/plain;charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/read7deadlysins300x250gr-r18292685/trc/3/ Frame CD5A 		31 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/read7deadlysins300x250gr-r18292685/trc/3/json?tim=05%3A53%3A29.051&lti=deflated&data=%7B%22id%22%3A26%2C%22ii%22%3A%22%2Fcounter%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1641362009050%2C%22cv%22%3A%2220200607-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frunwaff.com%2Fcounter%3Fi%3Du1dvjpo9e55sy80hm5%26a%3Dc875f76156c3307c45687011d2d8e2cf3%26cb%3D2932131641362007142%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22qs%22%3A%22%3Fi%3Du1dvjpo9e55sy80hm5%26a%3Dc875f76156c3307c45687011d2d8e2cf3%26cb%3D2932131641362007142%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%2218292685%22%2C%22orig_uip%22%3A%2218292685%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200607-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Wed, 05 Jan 2022 05:53:29 GMT
content-encoding
gzip
server
nginx
x-timer
S1641362009.053252,VS0,VE10
x-served-by
cache-hhn4071-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
text/plain;charset=utf-8
via
1.1 varnish
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 2AD6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d0761d5-3259-4b00-bba1-4d0296a71f38
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d0761d5-3259-4b00-bba1-4d0296a71f38
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
750589468d5634b7e99830971becaf64
Content-Type
image/gif

Redirect headers

Date
Wed, 05 Jan 2022 05:53:29 GMT
Server
MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d0761d5-3259-4b00-bba1-4d0296a71f38
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 05:53:28 GMT
tap.php
pixel.rubiconproject.com/ Frame 2AD6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YdUyWQADNkX_6AAF
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdUyWQADNkX_6AAF&_test=YdUyWQADNkX_6AAF
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdUyWQADNkX_6AAF&_test=YdUyWQADNkX_6AAF
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5daa34953a867809056448757b76591b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641362009.189954,VS0,VE0
x-served-by
cache-hhn4062-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdUyWQADNkX_6AAF&_test=YdUyWQADNkX_6AAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame 2AD6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 2AD6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY14K6LS-P-2CO0&sigv=1&esig=2~69c0b953c9764e50e56d412d3dd73982f69502b5
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY14K6LS-P-2CO0&sigv=1&esig=2~69c0b953c9764e50e56d412d3dd73982f69502b5
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:29 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY14K6LS-P-2CO0&sigv=1&esig=2~69c0b953c9764e50e56d412d3dd73982f69502b5
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 2AD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 2AD6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG224Qx-8C6WtmKaC__rPW8&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG224Qx-8C6WtmKaC__rPW8&google_cver=1
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5daa34953a867809056448757b76591b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG224Qx-8C6WtmKaC__rPW8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2AD6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxNEs2TFMtUC0yQ08w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxNEs2TFMtUC0yQ08w
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxNEs2TFMtUC0yQ08w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2AD6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNmNjMzNjEwOTdiMWE1OTk4ODhmZDNkNWY1MjFmNzMwNGFhYzEyOQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNmNjMzNjEwOTdiMWE1OTk4ODhmZDNkNWY1MjFmNzMwNGFhYzEyOQ
Requested by
Host: runwaff.com
URL: https://runwaff.com/send?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed5&cb=8288651641362007134
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNmNjMzNjEwOTdiMWE1OTk4ODhmZDNkNWY1MjFmNzMwNGFhYzEyOQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcmads.js
www.googletagservices.com/dcm/ Frame A589 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: partner.blau.de
URL: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138148FSoneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros&camp=channel7&size=300x250&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138148F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138148F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidBjRsgfqAjxs1GxTxHMt5ugC66pt4TeTExcMoneid__adfPros%26deepurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://partner.blau.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Jan 2022 06:38:44 GMT
sa
go.bebi.com/w/1.1/ Frame 3086 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.bebi.com/w/1.1/sa?o=9070095970&callback=o9e9070095970&ju=https%3A//ww3.read7deadlysins.com/&jr=&stck=https%3A//ww3.read7deadlysins.com/%2Chttps%3A//runwaff.com/counter%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D3191181510d1c5163e53c1097b6d94293%26cb%3D3780511641362007136%2Chttps%3A//runwaff.com/counter%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D3191181510d1c5163e53c1097b6d94293%26cb%3D3780511641362007136%2Chttps%3A//runwaff.com/counter%3Fi%3Du1dvjpo9e55sy80hm5%26a%3D3191181510d1c5163e53c1097b6d94293%26cb%3D3780511641362007136&ai=1&r=119542536&pl=42861&dims=300x250&adxy=0%2C0&exclude=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=301x251&ifr=1&bi=30d08bc4-428c-4e9d-89c0-8a8423a44129&pxr=false
Requested by
Host: st.bebi.com
URL: https://st.bebi.com/bebi_v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81cf46e21ace01cc794bf5d4f665d8d4c38dca858b5f97e65745d70e7cb6d87a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvPJOJFXoJt21BjmdJh369FN2bW%2FqaThKWDyIirJVjO3rHJHK%2BviS3DGxuWylZ8vnwYWd%2BN5j%2BswOb4OWk219KX%2FrUgf0v0XsdBLRgAac5wUAiAHDxhQILsY545lig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
application/json
content-encoding
br
cache-control
no-cache, no-store, must-revalidate
cf-ray
6c8a724cfc2671a5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
0
debug
trc.taboola.com/read7deadlysins300x250gr-r18292685/log/2/ Frame 972E 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/read7deadlysins300x250gr-r18292685/log/2/debug?tim=05%3A53%3A29.080&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=7505&cv=20200607-25-RELEASE&lt=deflated
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1a0c8985ce32a33755c3d97ef8fe86d19&cb=8861991641362007139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 05 Jan 2022 05:53:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641362009.083057,VS0,VE0
x-served-by
cache-hhn4071-HHN
x-cache
HIT
content-type
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-sy
true
retry-after
0
x-cache-hits
0
debug
trc.taboola.com/read7deadlysins300x250gr-r18292685/log/2/ Frame 972E 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/read7deadlysins300x250gr-r18292685/log/2/debug?tim=05%3A53%3A29.081&type=error&msg=loadRBox%20failed%2C%20aborting.&id=4047&cv=20200607-25-RELEASE&lt=deflated
Requested by
Host: runwaff.com
URL: https://runwaff.com/sync?i=u1dvjpo9e55sy80hm5&a=1a0c8985ce32a33755c3d97ef8fe86d19&cb=8861991641362007139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 05 Jan 2022 05:53:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641362009.083119,VS0,VE0
x-served-by
cache-hhn4071-HHN
x-cache
HIT
content-type
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-sy
true
retry-after
0
x-cache-hits
0
debug
trc.taboola.com/read7deadlysins300x250gr-r18292685/log/2/ Frame CD5A 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/read7deadlysins300x250gr-r18292685/log/2/debug?tim=05%3A53%3A29.082&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=2667&cv=20200607-25-RELEASE&lt=deflated
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=c875f76156c3307c45687011d2d8e2cf3&cb=2932131641362007142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 05 Jan 2022 05:53:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641362009.084448,VS0,VE0
x-served-by
cache-hhn4071-HHN
x-cache
HIT
content-type
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-sy
true
retry-after
0
x-cache-hits
0
debug
trc.taboola.com/read7deadlysins300x250gr-r18292685/log/2/ Frame CD5A 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/read7deadlysins300x250gr-r18292685/log/2/debug?tim=05%3A53%3A29.082&type=error&msg=loadRBox%20failed%2C%20aborting.&id=8836&cv=20200607-25-RELEASE&lt=deflated
Requested by
Host: runwaff.com
URL: https://runwaff.com/counter?i=u1dvjpo9e55sy80hm5&a=c875f76156c3307c45687011d2d8e2cf3&cb=2932131641362007142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 05 Jan 2022 05:53:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641362009.084507,VS0,VE0
x-served-by
cache-hhn4071-HHN
x-cache
HIT
content-type
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-sy
true
retry-after
0
x-cache-hits
0
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame ACC5 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/b/i/bidgear.readnaruto.com.842741.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:29 GMT
content-encoding
br
cf-cache-status
HIT
age
1092
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
Z1NEY4EWTSEDFNSB
x-amz-id-2
EEuLoh9eflzGp6rqTw8VJ0YSUpsFSdb72Qk0bcf4ixVOqJD941WQCPYz2AVdSr9QbW9w8Ju++9o=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6c8a724cd90d2397-ZRH
expires
Wed, 05 Jan 2022 09:53:29 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF80ODQseV8zODQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDcvMTAxOTI0LzY0MDFhO...
s-img.adskeeper.co.uk/g/11739875/492x328/-/ Frame ACC5 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/11739875/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF80ODQseV8zODQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDcvMTAxOTI0LzY0MDFhODFmNzRjYjY3Mzk3NWRmMGVjNDVkZGYwN2VhLmpwZw.webp?v=1641362009-tJL2lXIDzfn5zIXdiAxQrxiSApTOKT2h-B40zN2t9vo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08bf7d544f0300fafda6c225a6b17543ec8e29a4280435fb21de1def62e593e3

Request headers

Referer
https://ww3.read7deadlysins.com/
Origin
https://ww3.read7deadlysins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:29 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:50:37 GMT
x-mg-request-uuid
15f6f922-aff3-4bdb-91e1-9eeba2c9062c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8a724d2a520219-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19966
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC8yMTEzOGQ3Y2M4NDRjY2RiN...
s-img.adskeeper.co.uk/g/10881016/492x328/-/ Frame ACC5 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/10881016/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC8yMTEzOGQ3Y2M4NDRjY2RiNThhOTkyYWZkNmVmZTFlOC5qcGVn.webp?v=1641362009-l8HWvcouiX_mtrX0dTdiYxsRtxzsVIbxgPB1J7XM-0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb31c914a735c6186d240a45952ec418acf8bcd35b2d83acd0bc20e6fe5a0b2d

Request headers

Referer
https://ww3.read7deadlysins.com/
Origin
https://ww3.read7deadlysins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:29 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:20 GMT
x-mg-request-uuid
d3f1280f-1087-4867-816f-866a44815284
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8a724d2a540219-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15860
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzEwMTkyNC8yMDE2LTAyLTI0LzAzNGY5OWI3NDhmOGZkMTNlMDYwMDU1ZDZmOTQ2N2E1LmpwZz90PTE0NTYzMzI0NzM4MzU.webp
s-img.adskeeper.co.uk/g/3805418/492x328/0x0x492x328/ Frame ACC5 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/3805418/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzEwMTkyNC8yMDE2LTAyLTI0LzAzNGY5OWI3NDhmOGZkMTNlMDYwMDU1ZDZmOTQ2N2E1LmpwZz90PTE0NTYzMzI0NzM4MzU.webp?v=1641362009-uuHsntLKJnlePH0GRTbP9si2Yd2_QQDV7Gn8RlQfZpw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4b94e339ae4c289dc08e07272fde953c878cdb3690135acc34f3b6a5231b87

Request headers

Referer
https://ww3.read7deadlysins.com/
Origin
https://ww3.read7deadlysins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:29 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:54:36 GMT
x-mg-request-uuid
6539faba-3a56-48a1-9c01-05ea78c5726c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8a724d2a560219-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19508
server
cloudflare
i.js
cm.adskeeper.co.uk/ Frame ACC5 		0
141 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.co.uk/i.js?&cbuster=1641362009130396426962&consentData=&gdprApplies=1&uspString=1---
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/b/i/bidgear.readnaruto.com.842741.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ww3.read7deadlysins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 05 Jan 2022 05:53:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c8a724d3d8b233d-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.adskeeper.co.uk/ Frame 00CA 		0
61 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.co.uk/i-noref.js?cbuster=1641362009145686457866&consentData=&gdprApplies=1&uspString=1---
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/b/i/bidgear.readnaruto.com.842741.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 05 Jan 2022 05:53:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c8a724d3d87233d-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
impl_v81.js
www.googletagservices.com/dcm/ Frame A589 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://partner.blau.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:47:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Jan 2023 12:47:33 GMT
go
trck.bebi.com/1.0/ Frame 3086 		43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trck.bebi.com/1.0/go?tq=D77EEI2zT1KDw1x6pWBaK5iO6uKC8bJrRZNn26aP4nURz4UVbrsEIzW3Ct5HAy0YRkaFJ2wWWtbaAWP3w9jrl8Y9ozOZr-jHTt74tPunQVbN1cDanKaAHcohQYb_tLhczRDIXcYu3zS_Rsi9Jr6QzOaOp4NZk-Mm_DeRpuw8whMBex6sOp75dSQ-GQTYKeWX1KvmLyFCqk171khuyEMj2YnwIdH-RxiT8njIzyznlAo-SsBtihUQhFlWgRaIoNdGtxJFw3PTKgDQ7s0YpMMqJKdJ865kVHmaxgfua-BLqIjgVsY7QjnZz-gYHTaY9fn1IDgOuSnkUzUsyUNM1KAk-6ZAzIZWFk-FlTt03hbk36E86MUNfJyYNLCEjhxuVYsiCtcfsq3Bh6UPGJnet_rGuIA1rULs_lJw8_mcYBko8M2BGogel8RA7XEO-tpKh5oA55awMPCLuICnbjwix0c9cdpDDMEJOrRfZF_uWjjWCzDnPFCKNtwEUvYULIgUlOL2uby3oWfanbIL7-97aOaANTS2ffr13SfSTKBXevO_H0_taWpMsuAxdUyG0J5W4CCCYAl7tXgOMPnU7cRA3h4NUpfj4an2KZpPf0NXSZxf5d40kXLWmEGZ983vDkjUwQcfS4ydjtCBCVyJLRz-CCyQnyeBYjfdOxkAm7VhMfmv1S2Yt5y6kN-NsLsIc9daUZ18LPfqhHEyo4ZYRN2kgQeJpC0Eb-SNCn0Au_1vBTIswIxUHRB8iZebrxBlQfLFeU-gkQ4T_MTMfP0puha2aKTUMcZei173W8SC5lgAO1ee-AW_h7rohFS5S5Jy22QHrQ4l_uead_NqrZovA3iiTy2MQoH4Ju_7lLLVXS76KuPNqLfOi6CFYnuhyHcZuSODj30oE5zvqzRt9b0ht98OGKxRMgrAvU5SRc2yj7AuJGsUUBRC8MwWhw-KgluZSKafHoUhAfqpmDIIzHSH10LdhMNAQLWXs4dy_JaBLE36wpqK_RZRR8ZgIR1wLjRBkh-SykIvSh9_iUfiT-3Oz1OdK-8p1oh_Z4dMXLHLYhuVmgse302YlPT0EtTQYExsAsxaBMVTQPUK70BjjNgmzg_r_sjxfI20GD0Ak9mcRi1R5ZN94Rs7T-7Lq31aGJUBX82gSw6r5UfaAr4mVFNuR9v1uMJaiYuSJ0GCqr7egGPexgt8ts5WrSq54TwiOv2sywIQVHQ87LZ-ikpcv67x53vNo3mQ5g&bi=30d08bc4-428c-4e9d-89c0-8a8423a44129&bbuid=3e030255-68cf-4c24-ba1d-d3bb5ddc8cc3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZXVG615g4wUiZWkodVlC0wUmtoyXgBxHGTfD70j0vhfCx5MpZ%2FdUEUfOUIp7PJzL18zAoQIM9rp5f5mohjeFMGeR4PpguLtUkJQ0NP9qPQXzpoPruUMqBnf3LzG0tyF"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, private, no-cache no-store proxy-revalidate
cf-ray
6c8a724e9d1f71a5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
eu-node1.solutionslabkit.com/ Frame 3086 		0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-node1.solutionslabkit.com/?tpw=nurl&prf=0.10081&t=bn&hash=1e85ede01d54915ac8d4d4b91e15ae78
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.161.94 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
94.161.serverel.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 05 Jan 2022 05:53:29 GMT
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
Content-Type
text/html; charset=UTF-8
adframe.php
ad.bsmartad.net/ Frame 2723 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.bsmartad.net/adframe.php?zoneid=11796&bannerid=9673&gdpr=0&gdpr_consent=&consent=1&ref=eyJ1YSI6ImEyZmRhZDI1ZDkxMWE4YTRiMzk4Mjg3NTlkMjgyMzYxIiwiYmlkIjoiYnNkXzNfMjVfNzMwNjFkNTMyNTkyYWIzZSIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoid3czLnJlYWQ3ZGVhZGx5c2lucy5jb20iLCJjb3VudHJ5IjoiREVVIiwicHViaWQiOiI3YzUzNjc4ODQ4ZGZlYTJkNGEwNzU2ODUzZjBhOWNjNWM2YzBlNjQ0IiwiaXAiOiIxODUuMjEzLjE1NS4wIiwidGltZSI6MTY0MTM2MjAwOX0%3D
Requested by
Host: st.bebi.com
URL: https://st.bebi.com/bebi_v3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:51c0:0:13d:247::1 , Germany, ASN48314 (IP-PROJECTS, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
93f2c48c7fc0f93d6285027d88ee05746e30da4cbc479bb3a0a3aa1258d23d20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/

Response headers

server
nginx/1.10.3
date
Wed, 05 Jan 2022 05:53:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-encoding
gzip
aa.js
q.adrta.com/s/bzk/ Frame D4C7 		906 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/bzk/aa.js?cb=fdeb09a41991385c839dee7d501911e7
Requested by
Host: st.bebi.com
URL: https://st.bebi.com/bebi_v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.147.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-147-140.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
34a8aceb33deb5a368ca7aac2f2f43afdabf7233d289936e913106b9f89973df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 05 Jan 2022 05:53:29 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
906
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
/
eu-node1.solutionslabkit.com/ Frame D4C7 		43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-node1.solutionslabkit.com/?tpw=i&spr=0.10081&dp=244-58695ef9d9db8ee3c4037505db8edafd&t=bn&hash=1e85ede01d54915ac8d4d4b91e15ae78
Requested by
Host: st.bebi.com
URL: https://st.bebi.com/bebi_v3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.161.94 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
94.161.serverel.net
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 05:53:29 GMT
Connection
keep-alive
Keep-Alive
timeout=5
Transfer-Encoding
chunked
Content-Type
image/gif
all
csm.eu.criteo.net/ Frame DCE4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=-8arwF4vh09vIgWXTjgWFuo9kPJSviRbX8vwhaqD6kYck49_MCFZRuirh_imk5OZhVuhzFj9Ys3qv6yl3KSPkbaIaVvZTn7SSRRgAvLXXc_9HH6smifW55HMqcJV7OusZ40LAKsehuNz3i4ZY3Fs4Fp_1A6LRbW3LfxfsL_e6-uU453izSWP8H4KdyoUsdZDEb0Ln_YNPkHVFZ2qZT96A3wyGrQsvMnvqDkTJHgYmSuUfyO6KPrwV63geV9YAL5B0lEEIQ&sds=2&rev=79966.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=31B9855F295626AE&u=%7C%2F8gytaIrCh8ATjQhi8pPETq%2BH74ARHEE4AASkysZotY%3D%7C&c1=92U3al7lWbVmeBs5kV1BdtL1fLiyqTtS1i4r4gcqJw6sHrEkub6yyT0MEiGmtIJBK70rAHpdhrXOdqKtOvk_odNnB83Vpb9UpmEzizgB94hSt0eZNKIFyAorsrjGNFuSzl0Lqqjn7oNnyqvhegQDwT8OosZuF__BEIq-HxgwDw4xwa98xW2VwKvD-l5wF_OUZgZQQgli2VU0KnUjDw13zYcrD0J3UcQ4gr4qHn8MrPE1-lAdJJCkS9JDRe6Ykwxx37ZAfqHwhnb4cSFXPJdCLIyQVbudDvX9DUL777byI8Er21_fEslD5NMSIwoyt67pdkBf0PN4GJmVwe6T73FOa2GPwkYTMEvZgEzA4P7KHMYcLjceJDpNHiB7oeTtYMvdL-CgNMxI0Yyex2zP3LGie2YnNARYaYbzC66FbkZoHJ7ZjuRydEq67hnCYPwJfNYlSixGM8uEgllqUCzDogqOkX4Gnhz0peWxRnOshLjPsriZ10cDRPMkqJuAz9qolWjTzCsVp8GG7As
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 05 Jan 2022 05:53:29 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
/
adx.adform.net/adx/unload/ Frame 7520 		35 B
486 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1641362009600
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://runwaff.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:29 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://runwaff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
1611303851_219x211.gif
storage.googleapis.com/adcell/external/banner/8880/ Frame 2723
Redirect Chain
  • https://t.adcell.com/p/image?promoId=252348&slotId=77305&subId=bxkhszaahxktakmaskwuaaapwnxwkm
  • https://storage.googleapis.com/adcell/external/banner/8880/1611303851_219x211.gif
300 KB
300 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/adcell/external/banner/8880/1611303851_219x211.gif
Requested by
Host: ad.bsmartad.net
URL: https://ad.bsmartad.net/adframe.php?zoneid=11796&bannerid=9673&gdpr=0&gdpr_consent=&consent=1&ref=eyJ1YSI6ImEyZmRhZDI1ZDkxMWE4YTRiMzk4Mjg3NTlkMjgyMzYxIiwiYmlkIjoiYnNkXzNfMjVfNzMwNjFkNTMyNTkyYWIzZSIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoid3czLnJlYWQ3ZGVhZGx5c2lucy5jb20iLCJjb3VudHJ5IjoiREVVIiwicHViaWQiOiI3YzUzNjc4ODQ4ZGZlYTJkNGEwNzU2ODUzZjBhOWNjNWM2YzBlNjQ0IiwiaXAiOiIxODUuMjEzLjE1NS4wIiwidGltZSI6MTY0MTM2MjAwOX0%3D
Protocol
H2
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3df2ab501eb443636c6ccfbc662d0dfad436f1e45587b85a7a68f1e595835385

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.bsmartad.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:29 GMT
age
0
x-guploader-uploadid
ADPycds2uVuwwfEElB6-7hWM_Ml9SDXYTxJP2p8gw7WkoQvaFI66M1m03OxUEVurAc7V4DQG7jGjCAjluH4NJnQJofg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306829
last-modified
Fri, 22 Jan 2021 08:24:11 GMT
server
UploadServer
etag
"bcf9a8b6f2f5adfab7504f2ac6d7a75c"
x-goog-hash
crc32c=FQsb2Q==, md5=vPmotvL1rfq3UE8qxtenXA==
x-goog-generation
1611303851247331
cache-control
public, max-age=3600
x-goog-stored-content-length
306829
accept-ranges
bytes
content-type
image/gif
expires
Wed, 05 Jan 2022 06:53:29 GMT

Redirect headers

date
Wed, 05 Jan 2022 05:53:29 GMT
server
myracloud
strict-transport-security
max-age=15768000
content-type
text/html
location
https://storage.googleapis.com/adcell/external/banner/8880/1611303851_219x211.gif
cache-control
max-age=0
content-length
0
expires
Wed, 05 Jan 2022 05:53:29 GMT
imp.php
rtbnote.bsmartdata.com/ Frame 2723 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtbnote.bsmartdata.com/imp.php?bid=bsd_3_25_73061d532592ab3e&ref=eyJ1YSI6ImEyZmRhZDI1ZDkxMWE4YTRiMzk4Mjg3NTlkMjgyMzYxIiwiYmlkIjoiYnNkXzNfMjVfNzMwNjFkNTMyNTkyYWIzZSIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoid3czLnJlYWQ3ZGVhZGx5c2lucy5jb20iLCJjb3VudHJ5IjoiREVVIiwicHViaWQiOiI3YzUzNjc4ODQ4ZGZlYTJkNGEwNzU2ODUzZjBhOWNjNWM2YzBlNjQ0IiwiaXAiOiIxODUuMjEzLjE1NS4wIiwidGltZSI6MTY0MTM2MjAwOX0=
Requested by
Host: ad.bsmartad.net
URL: https://ad.bsmartad.net/adframe.php?zoneid=11796&bannerid=9673&gdpr=0&gdpr_consent=&consent=1&ref=eyJ1YSI6ImEyZmRhZDI1ZDkxMWE4YTRiMzk4Mjg3NTlkMjgyMzYxIiwiYmlkIjoiYnNkXzNfMjVfNzMwNjFkNTMyNTkyYWIzZSIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoid3czLnJlYWQ3ZGVhZGx5c2lucy5jb20iLCJjb3VudHJ5IjoiREVVIiwicHViaWQiOiI3YzUzNjc4ODQ4ZGZlYTJkNGEwNzU2ODUzZjBhOWNjNWM2YzBlNjQ0IiwiaXAiOiIxODUuMjEzLjE1NS4wIiwidGltZSI6MTY0MTM2MjAwOX0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.90.198.147 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.bsmartad.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:29 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
view
t.adcell.com/p/ Frame 33F0 		42 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adcell.com/p/view?promoId=252795&slotId=77305&pv=1&subId=bxkhszaahxktakmaskwuaaapwnxwkm
Requested by
Host: ad.bsmartad.net
URL: https://ad.bsmartad.net/adframe.php?zoneid=11796&bannerid=9673&gdpr=0&gdpr_consent=&consent=1&ref=eyJ1YSI6ImEyZmRhZDI1ZDkxMWE4YTRiMzk4Mjg3NTlkMjgyMzYxIiwiYmlkIjoiYnNkXzNfMjVfNzMwNjFkNTMyNTkyYWIzZSIsInNzcCI6ImJpenpjbGljayIsInNzcGlkIjoiMjUiLCJyZWZlcmVyIjoid3czLnJlYWQ3ZGVhZGx5c2lucy5jb20iLCJjb3VudHJ5IjoiREVVIiwicHViaWQiOiI3YzUzNjc4ODQ4ZGZlYTJkNGEwNzU2ODUzZjBhOWNjNWM2YzBlNjQ0IiwiaXAiOiIxODUuMjEzLjE1NS4wIiwidGltZSI6MTY0MTM2MjAwOX0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad.bsmartad.net/

Response headers

server
myracloud
date
Wed, 05 Jan 2022 05:53:29 GMT
content-type
image/gif
content-length
42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
expires
Sat, 11 Jan 2003 12:59:00 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
pragma
no-cache
strict-transport-security
max-age=15768000
r.js
q.adrta.com/s/bzk/ Frame D4C7 		127 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/bzk/r.js?v=21.20&rcb=646793&cb=fdeb09a41991385c839dee7d501911e7
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/bzk/aa.js?cb=fdeb09a41991385c839dee7d501911e7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.147.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-147-140.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
424880d2b66c752ec8efb0eca8b45f3333c92ff6f6c41a9dfec4fcd8413f07c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 05 Jan 2022 05:53:29 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
127
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cdnf.js
pix.adrta.com/ Frame D4C7 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.adrta.com/cdnf.js?v=22.90
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/bzk/aa.js?cb=fdeb09a41991385c839dee7d501911e7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-26.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06432589bb496ce3791bde5ffbbe85f108a1193d939bb2bbf3a48edef277a08e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
gQKNnPDF2oRplSlO3PhR6NV_ppMFdCpa
content-encoding
gzip
last-modified
Sat, 04 Dec 2021 05:41:34 GMT
server
AmazonS3
age
19496
etag
W/"684ed23431ba46a7fc6c71928e6e4ded"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
date
Wed, 05 Jan 2022 00:28:34 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
OPGotrWu3tKCWARtghj4_5yhT6N9N45Y-omyxMluMf5p9RVpOuEOGA==
/
ipv6.adrta.com/ Frame D4C7 		131 B
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipv6.adrta.com/?callback=_1641362009826
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:b4f:4b04:4b20:7324:37cc:771 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 / Express
Resource Hash
f80d4013d79c418296e4dda29f9349c433cbe2bd866896cad4957e867cf6404c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 05:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.10.3
x-powered-by
Express
etag
W/"83-85LaBHY/3YD1p14AdbiASRAsio4"
content-type
text/javascript; charset=utf-8
i
adrta.com/ Frame D4C7 		143 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=75840191&__aasv=22.91&__aaii=471307512914437637&__aait=1641362009716&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=0&__aahd=%7B%22chrome%22%3A1%7D&__aaax=0&__aaay=0&__aasz=300x250&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aaho=1&__aacb=fdeb09a41991385c839dee7d501911e7&__aaxf=185.213.155.176%2C%2010.1.4.73&__aaci=bzk&paid=bzk&avid=244&caid=bsc_1672&plid=bscr_9673&publisherId=7c53678848dfea2d4a0756853f0a9cc5c6c0e644&siteId=7bce584d22a8&priceBid=0.10281&kv1=300x250&kv2=ww3.read7deadlysins.com&kv3=830e300d8dbd78552431d97106edf706baf725cd&kv4=185.213.155.176&kv5=EU&kv6=ww3.read7deadlysins.com&kv7=bebimedia&kv10=null&kv11=2f241a5c6d63394caffeca422d7dcd33&kv12=2652782b3d890a2bb&kv15=DEU&kv16=50.1025&kv17=8.6299&kv18=null&kv19=null&kv23=null&kv24=Desktop_banner&kv25=ww3.read7deadlysins.com&kv26=Windows&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&kv28=Unknown_Unknown&__aapu=https%3A%2F%2Frunwaff.com%2Fcounter&__aapr=https%3A%2F%2Fww3.read7deadlysins.com&__aatu=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.231.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-231-39.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
23c528a81277daccbb7007916d707c010e1cb05fa9fbda4202bc1b5d6c97fcb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:30 GMT
content-encoding
gzip
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
vary
Accept-Encoding
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-cache
content-length
100
expires
Thu, 01 Jan 1970 00:00:00 GMT
i
adrta.com/ Frame D4C7 		15 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=38443982&__aasv=22.91&__aaii=471307512914437637&__aait=1641362009716&__aasi=5148517920164853921&__aast=1641362009607&__aavi=2443870980580660812&__aavt=1641362009607&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=0&__aahd=%7B%22chrome%22%3A1%7D&__aarf=7&__aart=140&__aacd=1&__aaax=0&__aaay=0&__aasz=300x250&__aapf=1&__aaec=4&__aaup=2&__aaat=0&__aaae=0&__aaav=0&__aaas=405&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=fdeb09a41991385c839dee7d501911e7&__aaxf=185.213.155.176%2C%2010.1.4.73&__aaci=bzk&paid=bzk&avid=244&caid=bsc_1672&plid=bscr_9673&publisherId=7c53678848dfea2d4a0756853f0a9cc5c6c0e644&siteId=7bce584d22a8&priceBid=0.10281&kv1=300x250&kv2=ww3.read7deadlysins.com&kv3=830e300d8dbd78552431d97106edf706baf725cd&kv4=185.213.155.176&kv5=EU&kv6=ww3.read7deadlysins.com&kv7=bebimedia&kv10=null&kv11=2f241a5c6d63394caffeca422d7dcd33&kv12=2652782b3d890a2bb&kv15=DEU&kv16=50.1025&kv17=8.6299&kv18=null&kv19=null&kv23=null&kv24=Desktop_banner&kv25=ww3.read7deadlysins.com&kv26=Windows&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&kv28=Unknown_Unknown&__aapu=https%3A%2F%2Frunwaff.com%2Fcounter&__aapr=https%3A%2F%2Fww3.read7deadlysins.com&__aatu=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.231.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-231-39.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:30 GMT
cache-control
no-cache
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type
text/javascript;charset=ISO-8859-1
content-length
15
expires
Thu, 01 Jan 1970 00:00:00 GMT
i
adrta.com/ Frame D4C7 		15 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=55326205&__aasv=22.91&__aaii=471307512914437637&__aait=1641362009716&__aasi=5148517920164853921&__aast=1641362009607&__aavi=2443870980580660812&__aavt=1641362009607&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=0&__aahd=%7B%22chrome%22%3A1%7D&__aarf=7&__aart=140&__aacd=1&__aaax=0&__aaay=0&__aasz=300x250&__aapf=1&__aaec=4&__aaup=3&__aaat=0&__aaae=0&__aaav=1&__aaas=702&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=fdeb09a41991385c839dee7d501911e7&__aaxf=185.213.155.176%2C%2010.1.4.73&__aas21=2a03%3A1b20%3A6%3Af011%3A%3A7e&__aas23=2a03%3A1b20%3A6%3Af011%3A%3A7e%2C%2010.2.4.31&__aaci=bzk&paid=bzk&avid=244&caid=bsc_1672&plid=bscr_9673&publisherId=7c53678848dfea2d4a0756853f0a9cc5c6c0e644&siteId=7bce584d22a8&priceBid=0.10281&kv1=300x250&kv2=ww3.read7deadlysins.com&kv3=830e300d8dbd78552431d97106edf706baf725cd&kv4=185.213.155.176&kv5=EU&kv6=ww3.read7deadlysins.com&kv7=bebimedia&kv10=null&kv11=2f241a5c6d63394caffeca422d7dcd33&kv12=2652782b3d890a2bb&kv15=DEU&kv16=50.1025&kv17=8.6299&kv18=null&kv19=null&kv23=null&kv24=Desktop_banner&kv25=ww3.read7deadlysins.com&kv26=Windows&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&kv28=Unknown_Unknown&__aapu=https%3A%2F%2Frunwaff.com%2Fcounter&__aapr=https%3A%2F%2Fww3.read7deadlysins.com&__aatu=https%3A%2F%2Fww3.read7deadlysins.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.231.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-231-39.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://runwaff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 05:53:30 GMT
cache-control
no-cache
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type
text/javascript;charset=ISO-8859-1
content-length
15
expires
Thu, 01 Jan 1970 00:00:00 GMT
img
pix.eu.criteo.net/img/ Frame DCE4 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
44bc4a17199ec4f353892cda3cdb02d401ba5fc9562aae091a1bf1f2fbf9151e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:06:02 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1162048
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535963
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
67224
expires
Thu, 22 Dec 2022 19:05:26 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| __cfQR object| vitag object| d boolean| canRunAds string| GoogleAnalyticsObject function| ga boolean| __cfRLUnblockHandlers boolean| 73799716413620071154b2043e85f50422a418b7d280ac543d86 object| cintvls object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _VLIOBJ string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS boolean| __VLICMP object| observeElementInViewport object| regeneratorRuntime function| __tcfapiui object| $sf function| vlipbChunk object| vlipb object| _pbjsGlobals string| nobidVersion object| nobid object| googletag object| ggeac object| google_js_reporting_queue object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google undefined| google_measure_js_timing object| scCGSHMRCache boolean| _mgPageViewEndPoint551062 string| _mgPvid boolean| _mgPageView551062

77 Cookies

Domain/Path Name / Value
ww3.read7deadlysins.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjdFR0dXdEl6SXpqLzJqNnBnL2tPN3c9PSIsInZhbHVlIjoidWRZMkdYZTMxZUJIUUVlU1dDZi9Jb2pLalMwNmZEdnN3dEdUeHhSbzR1ZDR2QVRnYTR3L0R0WEx2M2c4WGo2a21Nc0hocFB0dmZjUS8wQUZqTUZBbWtJeG1UZzRRWFJZQVNiQU9saUtKSllaYllBWDk5b1IxcUtaUEZpVjgvd1QiLCJtYWMiOiJlYmE1NjE0YjQ3MzczYTk5YWIzY2UyYWE2ZDc1OWM0YTQ2MGRiYjE2NGU2N2ExMDgyOGRmNDU3OWE2OTIyZGZkIn0%3D
ww3.read7deadlysins.com/ Name: read_7_deadly_sins_manga_session
Value: eyJpdiI6ImxtenQ0UGxObC9kd1VRWENhRUI5Qmc9PSIsInZhbHVlIjoiRFVoOXo1U2hJejhjWDdHbkQxRjVpZFRZcVVUeDZzTkh0MC9rNWllb0dvRGJJSC9JYW5uazJIejhlYlJEZnNIekl3MVp4MjBjdGhrUzUxa1NObEhwZno0WWdpcEo5UG5nUHMrRWg2U25sZFZKa0dGeGhWd0lhWlN3T0lEN0cxeDMiLCJtYWMiOiI4N2E0YTY1OWNjMTRmODQ2NjBiZjg1OGY2MmNjYjc5ZGZjNzMyMDVhM2NkYjFhNTU0M2FkNzAzMmU0NzMxZDYzIn0%3D
runwaff.com/ Name: SSID
Value: c3723f082d1888b593ed8b7084d828e4c973cc41
.bidgear.com/ Name: __cf_bm
Value: paRl_CmExkAROpxZbLqHt0PIsrADAgcUuk4xRPvpY5k-1641362007-0-AbNgESDP4ZAD26QTPxcP6A1WGmLVVOHRGvqEth/9kpn98cSqsfK3qsfNK5Y3kCiUlu7H/cOYsxQUJ2kNb5P4ads=
.read7deadlysins.com/ Name: _ga
Value: GA1.2.608927346.1641362007
.read7deadlysins.com/ Name: _gid
Value: GA1.2.489424929.1641362007
.read7deadlysins.com/ Name: _gat
Value: 1
.adnxs.com/ Name: uuid2
Value: 4294195725904454246
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.rubiconproject.com/ Name: khaos
Value: KY14K6LS-P-2CO0
.rubiconproject.com/ Name: rsid
Value: 1|XoTpdAZC/OrCXi+t2tt8Mx7c5rJaP5uXhxptHvrzPAh1r4P5O2ziQ6qdYLyMi4/FKQattD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZqNCxgmzGqqEKVXU66THvScWV7/AA==
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq8Tr4I+uEy4j5APvdogVCbaTd6KyMQnat7y9GyzaExIfyF+eI67NNHLl2D1AC5NPNJHX0j65lhQrVlHjvVpZ0fJhsHlJbldDerp/BTJtNDSaZr5ZVxLWDe
.adform.net/ Name: C
Value: 1
.adsrvr.org/ Name: TDID
Value: 92e69f55-1916-4f34-9082-365b54ecbd05
.adform.net/ Name: uid
Value: 6147208508966476958
.quantserve.com/ Name: mc
Value: 61d53257-de4dd-11591-8604d
.cpx.to/ Name: cpSess
Value: 177d0aeaf7f7ca9
.smartadserver.com/ Name: pbw
Value: %24b%3d16960%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 339125=4739393
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1311347762%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1311347762%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=1881784456&lo=-721590141&lt=637769624080438534&o=1
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
.cpx.to/ Name: dsp_app_nexus
Value: 4294195725904454246#1641362008146
.bidswitch.net/ Name: c
Value: 1641362008
.bidswitch.net/ Name: tuuid_lu
Value: 1641362008
.bidswitch.net/ Name: tuuid
Value: d93303c2-dfbd-4077-a069-08acb99e81b4
.smartadserver.com/ Name: TestIfCookie
Value: ok
.cpx.to/ Name: dsp_TTD
Value: 92e69f55-1916-4f34-9082-365b54ecbd05#1641362008193
.adsby.bidtheatre.com/ Name: __kuid
Value: 0ee291c2-1c1f-484f-aef9-589523feda25.410576008
.smartadserver.com/ Name: pid
Value: 6218335655230423435
.smartadserver.com/ Name: pdomid
Value: 8
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9853198D-69D3-46C1-9A1C-00A0024EB908
.cpx.to/ Name: dsp_pubmatic
Value: 9853198D-69D3-46C1-9A1C-00A0024EB908#1641362008355
.adsrvr.org/ Name: TDCPM
Value: CAESGAoJYmlkc3dpdGNoEgsIjoODqbeGqDoQBRgBIAEoAjILCI77hdbNhqg6EAU4AVoJYmlkc3dpdGNoYAI.
.doubleclick.net/ Name: IDE
Value: AHWqTUnhTriccjlsu8uVKZNFgSxfeqXbb0hEgtqj-qEWP4yuyQCPZkuyPyc1-g_fiT0
.adform.net/ Name: TPC
Value: 1641362008432
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFwmtoZmJobGZkYGBhYmwEABEAzbQQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxMjAwMDM2NDY3NhTiM9R1TkzKC9WNMPALDTAGAJsgDvMlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxMjAwMDM2NDY3NhTiM9R1TkzKC9WNMPALDTCW4jU0MzE0NgMqsTAxNgIAumJFSTQAAAA
.scorecardresearch.com/ Name: UID
Value: 1CJTCHT019W94DVXD9DNCBg1641362008
.cpx.to/ Name: dsp_dbm
Value: CAESEJ2sSk4-kpcibzqWh6ryoI8#1641362008466
.adhigh.net/ Name: gi_u
Value: uLpbnBI6o6FV.AikABlF-KMypng
.ad-srv.net/ Name: kdb0xdq3ls8m_uid
Value: 794269ea39a6e68e
.adhigh.net/ Name: bsw_sync
Value: j8J
.criteo.com/ Name: uid
Value: c399555d-a91a-4f36-adb3-21f83bdf7396
.volvelle.tech/ Name: ouuid
Value: 4df8561b-f3e8-41b3-869e-f0458533194c
.volvelle.tech/ Name: c
Value: 1641362008
.volvelle.tech/ Name: ouuid_lu
Value: 1641362008
.cpx.to/ Name: dsp_rubicon
Value: KY14K6LS-P-2CO0#1641362008738
.medialead.de/ Name: trscj
Value: MTY0MTM2MjAwOHxMM1J5WTJzdlpYQjJMemMzTjJKa05XRTBNakJtTVdVNU9HWmxZVEkzWkRVNE5UWm1NR0ZsWldKalAzTjFZbWxrUFRReE5qSXhOakF3TURVME9UTTBOVEF3T1RjMU1UVTBNREV4T0RNd01ESTRKbU4wY21GamF6MW9kSFJ3Y3lVelFTVXlSaVV5Um1Ga01qZ3VZV1F0YzNKMkxtNWxkQ1V5Um1NbE1rWndOVE5qWkdZemJqWmhObmh5Y21ZbE0wWjBjSEprWlNVelJBPT18YUhSMGNITTZMeTloWkRJNExtRmtMWE55ZGk1dVpYUXY%3D
pb.media01.eu/ Name: ASP.NET_SessionId
Value: dn0hz2xkhd2odw2tcr4tvqk2
pb.media01.eu/ Name: DTU
Value: 4EF947331EDF14F34DDD15EB36DE4D83
www.lead-alliance.net/ Name: PHPSESSID
Value: 3k1b4rei7cg8lbap1ukmkpa4n4
.lead-alliance.net/ Name: ppv1225
Value: 2022010506532861507417127X117665V1225131106MSoneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros
.creative-serving.com/ Name: tuuid
Value: c21dc9f7-fc9f-46fc-aeb4-8c7e4b91e2f3
.creative-serving.com/ Name: c
Value: 1641362008
.blau.de/ Name: nscT486
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyOTkwMDAwMDAwMDYxNjQxMzYyMDA5dmxlYTFkZTIwMjIwMTA1MDY1MzI4NjE1MDc0MTcxMjdYMTE3NjY1VjEyMjUxMzExMDZNU29uZWlkZ1ZXSDhmQlg0TXV6QllUUEhkdG11NXRyclJzZFRRVHdXVGVvbmVpZF9fYWRmUHJvczExNzY2NQ
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022010506532861507417127X117665V1225131106MSoneidgVWH8fBX4MuzBYTPHdtmu5trrRsdTQTwWTeoneid__adfPros&wfid=117665
servicer.adskeeper.co.uk/ Name: __mglb
Value: 4aae4d8c393f422d100aefd60785b084
.adskeeper.co.uk/ Name: muidn
Value: m04tn8fwzTRl
ww3.read7deadlysins.com/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C842741%22%3A%7B%22page%22%3A1%2C%22time%22%3A1641362009093%7D%7D
.mathtag.com/ Name: uuid
Value: 6d0761d5-3259-4b00-bba1-4d0296a71f38
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YdUyWQADNkX_6AAF
.creative-serving.com/ Name: tuuid_lu
Value: 1641362009
.yahoo.com/ Name: A3
Value: d=AQABBFgy1WECEMg0k2kcQ4xneEDUiey514YFEgEBAQGD1mHfYQAAAAAA_eMAAA&S=AQAAAoy-IB45_OUJBBDfScGgRAQ
t.adcell.com/ Name: ADCELLvpid8880
Value: 252795-77305-bxkhszaahxktakmaskwuaaapwnxwkm%23%23%23%23https%3A%2F%2Fad.bsmartad.net%2F%40%40%40%401641362009
.adrta.com/ Name: __aavi
Value: 2443870980580660812
.adrta.com/ Name: __aavt
Value: 1641362009607
.adrta.com/ Name: __aasi
Value: 5148517920164853921
.adrta.com/ Name: __aast
Value: 1641362009607

3 Console Messages

Source Level URL
Text
javascript warning URL: https://ads.rubiconproject.com/ad/17210.js
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.volvelle.tech
ad-server.eu
ad.ad-srv.net
ad.bsmartad.net
ad28.ad-srv.net
ad4m.at
adrta.com
ads.creative-serving.com
ads.eu.criteo.com
ads.projectagoraservices.com
ads.rubiconproject.com
ads.themoneytizer.com
ads.yahoo.com
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
api.rlcdn.com
as-sec.casalemedia.com
as.ad4m.at
assets.vlitag.com
audit-tcfv2.quantcast.mgr.consensu.org
beacon-ams3.rubiconproject.com
c.adskeeper.co.uk
c.tmyzer.com
cat.fr.eu.criteo.com
cdn.adskeeper.co.uk
cdn.jsdelivr.net
cdn.projectagora-adtag-library.com
cdn.taboola.com
cdnjs.cloudflare.com
ced.sascdn.com
cm.adform.net
cm.adskeeper.co.uk
cm.g.doubleclick.net
csm.eu.criteo.net
d2zur9cc2gf1tx.cloudfront.net
eu-node1.solutionslabkit.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
go.bebi.com
gum.criteo.com
hb.adpone.com
i.imgur.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
imasdk.googleapis.com
imp9.bidgear.com
ipv6.adrta.com
js-sec.indexww.com
jsc.adskeeper.co.uk
match.adsby.bidtheatre.com
match.adsrvr.org
onetag-sys.com
p.cpx.to
p.rfihub.com
partner.blau.de
pb.media01.eu
pix.adrta.com
pix.eu.criteo.net
pixel.quantserve.com
pixel.rubiconproject.com
platform.bidgear.com
pool.grid-data.bidswitch.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
pv.medialead.de
px.adhigh.net
q.adrta.com
quantcast.mgr.consensu.org
read7deadlysins.com
rtbnote.bsmartdata.com
rules.quantcount.com
runwaff.com
s-img.adskeeper.co.uk
s.cpx.to
s1.adform.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servicer.adskeeper.co.uk
services.vlitag.com
smarttag.rubiconproject.com
spl.zeotap.com
st.bebi.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.mathtag.com
sync.smartadserver.com
t.adcell.com
tag.leadplace.fr
tag.vlitag.com
test.quantcast.mgr.consensu.org
token.rubiconproject.com
track.adform.net
trc.taboola.com
trck.bebi.com
widget.fr.eu.criteo.com
ww3.read7deadlysins.com
www.google-analytics.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www5.smartadserver.com
x.bidswitch.net
104.109.78.125
104.19.130.80
104.21.94.194
109.206.161.94
138.201.135.164
142.250.185.194
142.250.185.226
143.204.101.7
143.204.98.123
143.204.98.26
143.204.98.7
143.204.98.82
145.239.192.166
145.239.193.130
145.239.193.145
151.101.112.193
151.101.193.44
151.101.194.49
151.139.241.23
159.65.196.12
178.250.0.160
178.250.0.163
178.250.2.135
178.250.2.150
185.29.134.248
185.33.221.89
185.33.221.90
185.64.189.110
185.86.137.131
185.86.138.16
193.0.160.128
199.187.193.130
2.16.186.32
2.18.234.21
2.19.35.65
2600:1f14:b4f:4b04:4b20:7324:37cc:771
2600:9000:2156:6400:6:44e3:f8c0:93a1
2600:9000:2156:9600:3:a4cd:8380:93a1
2600:9000:2156:de00:9:46dc:4700:93a1
2602:803:c003:200::61
2602:803:c003:200::77
2606:4700:10::6816:1857
2606:4700:10::6816:3ac7
2606:4700:10::ac43:15e3
2606:4700:20::681a:26b
2606:4700:20::681a:a19
2606:4700:20::ac43:4a81
2606:4700:3038::6815:eb93
2606:4700:3038::6815:eb94
2606:4700::6810:125e
2606:4700::6810:5814
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1288:80:800::7001
2a00:1450:4001:808::200a
2a00:1450:4001:811::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2010
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9c
2a02:2638::18
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00::210:ba1a
2a02:26f0:6c00::210:ba2a
2a02:cb40:200::242
2a05:d018:d29:3602:5ce0:1e2e:863d:4da1
2a0a:51c0:0:13d:247::1
3.122.13.237
3.127.165.193
3.33.220.150
34.120.133.55
34.236.231.39
34.249.18.151
35.210.178.101
35.244.174.68
37.157.2.248
37.157.6.251
37.157.6.252
46.4.62.19
51.195.5.38
51.89.9.251
52.210.129.48
52.3.147.140
52.49.83.234
52.8.2.45
54.228.188.133
54.38.64.100
54.76.176.197
8.39.36.141
84.200.5.215
88.198.250.30
88.99.165.19
91.207.59.213
93.90.198.147
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00647b104e368f4eff55f5b39a340255994cbdfcab65f35228d7f680389ea02a
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
06432589bb496ce3791bde5ffbbe85f108a1193d939bb2bbf3a48edef277a08e
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
08bf7d544f0300fafda6c225a6b17543ec8e29a4280435fb21de1def62e593e3
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd5fc0db6f2aa30c3fbbc97e2ad0d28135fd083f7830c487737c2a4d94a8f23
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d8f8c7c999b1cde3d2db64e691feb129b2fe2a7c37119a449d7709af22475de
0dbe74968f860e76f89971a18226f7fe160a179a8413a92c6156c26c90ef6aef
11308a7fbf32aa690501309753578bd45c17f9dee1dd2cfae7c08daa3c9c0589
1629b100363a97d843eec7359e215550f98a0d3e98406d6d9a08f29a96fc011d
162eaee62eb9c97924a1b8a991f01364cc21b515c75de25810219c5396bd0bb0
179e0875471f2607b96a940816fae429a2775d4847bbfd0c0e6594b04c08242c
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
19ccf6d5a50a1087ccc4a3500a067b0bd1bc0f73ece106b7bbe080b7be539d78
1ab745fbb52145607ca3ac4ca7d41985090aad628e279d5fa292f169c783e4e0
1aba4d0a4279e58cae123cb832ef4d73de5c68c2d5157bc286786c02a868a274
1b75f4dca05a6e106b9c3859917739953540e1d3bad059e8cab21982fcb4c155
1c668e2916d4f9aeacbb6f545a645f0882204e7e3928b3f62b5aff3de136c1c5
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e1d65c2c0c45bc0182cdf1b27d4273808269755b36d4c3b3c50f1503d456c4d
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1f242371e1e3399be4bbbfa4ea4ecc4477ca8ebff1c5f6a7155aa7347eaf3a13
2124bbf59d34ddfba4fe4783a07a7eb47fbd67c2b13188c17686599338e9f99c
216d97e5802798f3d2fe14d0b1e5fd21e784ff9f5d7c4fd713a26e23e5a23c15
23c528a81277daccbb7007916d707c010e1cb05fa9fbda4202bc1b5d6c97fcb7
23d9eb3afd96cbc3901d951d94f1bcfe4cb35e98c065e7724b7db9885b5aa52b
24fb697da0be2b16388fb4cebaac3f1bfd1ef924bff56e4a22cf52755eb7dc21
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
294e5e2f8718e1514753e8642bfda1d2485cd1652d9435c42a3fb561746192a4
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
300bd11a164fea262e89187c26b741faa110208fffbf2d676ad867826c32e761
30195a6bc6988692219c6fe054cf03717fa200f4ec8c6458ca95de7dd5c142ac
302c20b858fb14d0754ea5569f7d3a563dfee7a6db2420454193359bcc9ef3bb
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
34a8aceb33deb5a368ca7aac2f2f43afdabf7233d289936e913106b9f89973df
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3879f21a4e923ba893952714add6f2081fba0fa2316ddde78dbebc6fcd0595d2
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3df2ab501eb443636c6ccfbc662d0dfad436f1e45587b85a7a68f1e595835385
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
3ebc579d2a5ea97acdb56edfb0e2a98e4d41f4f3db179fc1847bd50251d2251e
3f4b94e339ae4c289dc08e07272fde953c878cdb3690135acc34f3b6a5231b87
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
414048c388b6104400e84dda10c4ffdb0588a0f2a83ea4b9154adc555b22feaf
4191a6f79f2ccb9dd509b26ee9de69234c8de6b927e564c7fcb7970b591bd15c
424880d2b66c752ec8efb0eca8b45f3333c92ff6f6c41a9dfec4fcd8413f07c8
447bc3d208c00eb034b6628cfd19d92eb2b4808cbeab6ba0894493556ee2cf37
44bc4a17199ec4f353892cda3cdb02d401ba5fc9562aae091a1bf1f2fbf9151e
46220b9b3ca7fbfdd2450e6ee0039dcc9e10c6a7e9c7fcbc67eb4dba65bf5525
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e
47e62cd87a7b4759537deee6b477e976f102923ac76a7525d20c13d7cc965a52
48006243aa1ece4f57a63dbe9c95e67f68b04c3caec2bbd87eebd63f7a7368b3
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
49efb86babfe0e5527001375fb8eedd75d0e675404b418dd897528ec076debfb
4c9e1dfe02052bfb822d4ade042ab6af99bbfdf6e37cfef0b6c5386351ff096d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
521245405e1a0702829542841fec26c99b6d817671463ecc31da19c4e67ee4b2
544a55db3346afee34cf2d46dd48d7fc2dc8718ebcae2e84d006500d721a5772
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
56f86bdb12644b5d54dbf4980934de94d4fe6c14acf501021ac311311fa45139
5744342f5a6bdf5d455c27939d8d8bbf129730e95460a630d650a1900db7ad2e
5773a61260f9b0feb6cf93e4f25a568108704c08b169468bf21d26a09d5dda5b
58434ee2385ecd03efc08d02d7ffb3bdc8044924e3041c87e65fb33106ecad19
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e
5b1e544dcbfc9fda162cb503b33ac6f825a7737368c0a7dc19d45e91e2069471
5bb38b4b989da09485c17120c88a1f5f6968207241825da70d86cf7105587110
5c97ce06d9dfc48f070b135f8d6c060ffb6c856239249e82d05894772d38800f
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235
621e239041447ad520be8f91bf01c61e630b2c70df70dd941f901d4d9e7cdd11
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
678a1bd718e7cbfeebe8ce443eae556b2313fb46ec09b8d1d1d1d172b763af16
68d2426eb8fffb1bfb85f036fb55a581702dcfb090a39ecd33ca151fb5801fee
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ed07947c2ba39356b45c1cb6b84d7a6cd8f1172b0cb7af6e31e838196a994a5
712550505278953bfe5d74e31bb085aac51ca748fac9f032f61418e836c166d1
71529d12a50c366935078936f9533606bff2f00e195f62a78772cca16b7ca247
71cb62c5ae0429e179c5709089dc751b44c89a9d63ef2147ef2516993004bed7
71f7fe1803045ec43e8d89fdd9c066b6a06839054fdfb283f8c3ab787c161b46
72c2e9ee4b762a5633a0eb88b16e649a048dce07161bed007e6c20c2e7f17830
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
77aa5767150186e13ec510eb8ff484eba622aa849a7e224721dbbe5723c90efd
7bf9f395cfe5abb43422754de761e9a7093d19987ac15d083470a0ff2e803b51
7cd25cfdaa711da7ba54081aaf6d9962b606b5f3269b446c1096f7cb7a065026
7dd91c54d24510f6f3210d4b594f2d5ec926b44587ab80e6be2e08b579ceda37
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
806cc912d72e22caa84fdd0472a0ee11804e9a58ad489486456a8a0551194d91
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
81cf46e21ace01cc794bf5d4f665d8d4c38dca858b5f97e65745d70e7cb6d87a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c25ae26967cbdd3301928452b59f3cd0225635b3685a3deb9fa4a66dfc1a15
858405ec3b43c0d8b53e63cd12461d8c70c241153a35993a4e688dd839a7b471
8b6874e0a5e81da65b57af189d73b5a99af003eb69a872486307de02a87f7a26
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
8cee5ac15bf4d86a8ef8d196257ee00d73b735029156b884c060ddbac47707b0
8d639e437428e499700a0c263759f1df078df377157d51361041a9e68e5c3614
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3e3d82bd605e9b6484ef5ad816eba871aa1fb5a45033eb8b7f82ae39d07ac6
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90588a36345ab4c4115c97af4f7420ffbe1b473538276d1d230058ea62017ed3
9069755515590813e1289b482dc1ff0020b5b6e2e9fe3eb818f804816c2f65cf
93f2c48c7fc0f93d6285027d88ee05746e30da4cbc479bb3a0a3aa1258d23d20
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
9ae4942e6a4f7f1ba65fffb07b324698dc6b42c0274721a4bc054d99e23f341b
9c698a961e1a00fade296db2dd5e51b28e9dfc3466920931ad73934681f23f6f
9c986b087913f7bdcd01234bba21bef10812d2936d51d5d7d8de8cce6a110d58
9dfb31642524b13302ab1b4b641ff07d2781816519fdf0678d6e853632dcc2b0
9f4a0164ec545f6c1d0b5f083d10574d9717160e9d669d148810f9d929c5debb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a39c434ed12e9707bff709c0cdb94247ab1468dbed0fd4db5250d59051c501f2
a6168f36f6f2deec7cc756b7c15ecc59dfd5c22fee91dc0f751d100d9b9ac19d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a733719e0ba21dbd1a691a459642d9037d594d70b0026b25836b6f75b290e5f0
aa15cf00e552a8a99c53e259baab856bcdad5c3434442766aefab47685b30c0c
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
acefffada11e1d2146495b6a3709277ab4dd6e4b5d3a377807bfa9ec151e0da9
ad05740966a78657cf685251d6aea88a1e8f9df8355707c82bd727d62133011f
ae6454b3f29fd9e1f98462d39bc2f02c1724e209cc498f7efdb5a681541a7be7
ae9108e39c2e1d253423f6beb4942d1504c243d53cd9bda1624f20ca272d8d45
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
af6bce541d4146ed87245609dce363580e0eef7bd4cb13a3b9fff37aa5133053
afa8e1aea72991b738924d9c21383f8eb4cefee19fe8160e4678f9936189cfc2
afb0aa36a39ea84ff96b9443e037bde4cab2555c676a750fbef9bdba34009d67
b0710b0848d2c16c9307f0edfc650ce13f869d51e69f687cbb976d4a489ea981
b09b4568e6d05c7d8721203cf78dd283559194f22f72159d381b4e0a12c81641
b0de22d4f5a7af6092510a77bb6ec95afe5f374c7131ed4bc85e5341784653ea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b458ea58a0ce58780b9774f89b60e97cd5c5310a77e99074c2d05386a21cccd7
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b896afc83022a9cba3d395cdb8f1c09f49df5869b96d9c41af7bfdca6286d005
b91fa45b7b1dd4f2a3245544336ced5a7065803f1582ce16f45766da554c91ab
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
bc9a9be89e7b42f47be69ba5ec4ed940c7350b2b236aaf21237829e2ef27ff0e
be3e6ce4107dfe75c6ed8d87f06761d7b4c19db8ecab97a36a5b67c4eb4f8fb5
be5a79bbc91bd7134aae5b1712a11a6f6c75f9c40e357e5711ce557ecea88b5a
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c1a4f5d40a7df7d9646447edc1bf2ec0f81dd2e994806b188fb8f58648538d59
c1c8e331f9e57876bc58b18eafb957a7863b7fe164b059ad294fe87c908ce939
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c51903bd0088a1dab7d50ac0f7098e802cb72ca76730d60c56ecff6d6aca6ff3
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230
cc74414927af7e53ee6a77a895eb9159173a7a625d5a6ec9da8d079d17d99f15
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd239fd6a76b8fdf6cb8a312fb6b8144b98e448747b6e59fe0a2dbaaef567fe8
cd697a89e446898d7133b95b17d72b486c36734247836b611a445e216763819f
cd981c2f116a7bc868c99248cba9c86fdf48401f8dfc6880c3be636dffb7063e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d9eb121455afc217376eb0dd9b4bbfa0ec9be3735e3dffa25685616dd9c2ee56
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db459d8bdb50d45f7ff93bc826731c3ffd8a51e13262e8ced73d23bbcf68a3fd
dc453e164cf3d90394f34101009154927c343ebb6a4d0e10e09532c661911f2f
e08c294c8231ec572510659df34092e05d02680dc3c4738bf2cf33c398d41df8
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3752b1e50ae383ababb6da6c0c8a55f1137dd7ddf9e9034b3673e76a14a9d9
eb31c914a735c6186d240a45952ec418acf8bcd35b2d83acd0bc20e6fe5a0b2d
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f4bcefdd16faa59b3fe92bf8ef1e0e5b796e38e051f150b7158f6aa6cf1e602a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f80d4013d79c418296e4dda29f9349c433cbe2bd866896cad4957e867cf6404c
fee513eec93d609677cfb4d1f3164562f7d36855b5bf9b380c57b46f08aa3779
ff73531e17ba0f85fdd45b14866c1d2a73fe7e194ed79c29fc0a4ad57c3e8ccb