aceptgmscontrc.webcindario.com Open in urlscan Pro
5.57.226.202  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent} HTTP 302
• https://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent}&__user_check__=1&sync_id=ef7e8ab1-1284-11ec-b7a7-13ae17dc0306 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=1&gdpr_consent=${gdpr_consent}

Request Chain 37

• https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=12283239 HTTP 302
• https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=12283239&rd=1

Request Chain 39

• https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.richaudience.com%2Ff79aa10af28935c0f42d7bcb6a649769%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.richaudience.com%2Ff79aa10af28935c0f42d7bcb6a649769%3Fuid%3D%24%7BUSER_ID%7D&_test=YTvZjgAAAJnuWAAT HTTP 302
• https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769?uid=YTvZjgAAAJnuWAAT&_test=YTvZjgAAAJnuWAAT HTTP 301
• https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769/?uid=YTvZjgAAAJnuWAAT&_test=YTvZjgAAAJnuWAAT

Request Chain 40

• https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=5f13abda-dbce-44ea-892f-1zz1631312270 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=5f13abda-dbce-44ea-892f-1zz1631312270 HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=429&user_id=b19cd5ae-c106-51fe-bb75-e49bda4e3d14&ssp=richaudience&expires=30&user_group=1 HTTP 302
• https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=4530b168-1d60-4e25-9840-df681704fe58&gdpr=&gdpr_consent=&us_ps=

Request Chain 41

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=44e67832-844d-4a31-b31f-5be5e33d3c0c&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=44e67832-844d-4a31-b31f-5be5e33d3c0c&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d656a76-b76c-4603-b83a-ac860f92f476&ttd_puid=44e67832-844d-4a31-b31f-5be5e33d3c0c

Request Chain 42

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=29e81c11-b8d9-4f16-bab5-a72c44cd1964&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=29e81c11-b8d9-4f16-bab5-a72c44cd1964&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d656a76-b76c-4603-b83a-ac860f92f476&ttd_puid=29e81c11-b8d9-4f16-bab5-a72c44cd1964

Request Chain 44

• https://c1.adform.net/serving/cookie/match?party=14&cid=894A7B09-FDBA-4E5A-B50B-6832447DAB74 HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=894A7B09-FDBA-4E5A-B50B-6832447DAB74

Request Chain 46

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iUp7Cf26Tlq1C2gyRH2rdA%3D%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iUp7Cf26Tlq1C2gyRH2rdA%3D%3D&google_tc= HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 48

• https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3588613b-d98e-4b00-8e69-cdd57312ed41

Request Chain 49

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODk0QTdCMDktRkRCQS00RTVBLUI1MEItNjgzMjQ0N0RBQjc0&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODk0QTdCMDktRkRCQS00RTVBLUI1MEItNjgzMjQ0N0RBQjc0&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 50

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15

Request Chain 51

• https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F8FED78BD214609A41775662B6D0BBB

Request Chain 52

• https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9136448935933272072&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 53

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4d656a76-b76c-4603-b83a-ac860f92f476

Request Chain 54

• https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTvZjgAAAJnuWAAT&gdpr=0&gdpr_consent=

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request termservices.html Show response aceptgmscontrc.webcindario.com/acpt/	13 KB 5 KB	196ms 33ms	Document text/html	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Full URL https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 5c94d52af85d057ba0dd4a7241740b4bd6768e37e9f619fea5c4c81eb20fb132 Request headers :method GET :authority aceptgmscontrc.webcindario.com :scheme https :path /acpt/termservices.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Fri, 10 Sep 2021 22:17:39 GMT content-type text/html vary Accept-Encoding set-cookie __muid=51b28ce66f640a8d6fcbbaa731c41c86d48506b6; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly x-powered-by Webcindario Hosting Service content-encoding gzip
GET H2	200	microsoft_logo.svg aceptgmscontrc.webcindario.com/acpt/index_files/	4 KB 4 KB	44ms 44ms	Image image/svg+xml	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Show image Full URL https://aceptgmscontrc.webcindario.com/acpt/index_files/microsoft_logo.svg Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Request headers :path /acpt/index_files/microsoft_logo.svg pragma no-cache cookie __muid=51b28ce66f640a8d6fcbbaa731c41c86d48506b6 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority aceptgmscontrc.webcindario.com referer https://aceptgmscontrc.webcindario.com/acpt/termservices.html :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/acpt/termservices.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:39 GMT last-modified Tue, 07 Sep 2021 15:14:52 GMT server nginx x-powered-by Webcindario Hosting Service etag "613781ec-e43" content-type image/svg+xml accept-ranges bytes content-length 3651
GET H2	200	/ Show response hosting.miarroba.info/	1 KB 1 KB	8960ms 8893ms	Script application/javascript	104.21.80.217 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hosting.miarroba.info/?__muid=51b28ce66f640a8d6fcbbaa731c41c86d48506b6&h=2076079&t=1631312259&k=07d71d28caca8718352654a510328493 Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.80.217 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 662a226ca70e8eb1f54fc5c527fa31aa9be9e67414fe54ee4c3f85cab24ff92e Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:48 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 pragma no-cache last-modified Fri, 10 Sep 2021 22:17:48 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIHxI9kp%2BP5Aa6iMy5oH6Kb1Jbw5LlHLOJAy9zkYPeoR4ip5lYvYN%2BiLWqiq%2FyO4Xgab5VFor5UDtT%2FqH8MjAPCCB74vZd06uhRDGLL2GpiBuHi%2F6C0hJseJ%2BFFyodhpm6xDQJHsFHk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=iso-8859-1 cache-control no-cache cf-ray 68cc0717f928413e-PRG expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	204	choice.js Show response quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/aceptgmscontrc.webcindario.com/	0 324 B	197ms 136ms	Script text/plain	99.84.82.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/aceptgmscontrc.webcindario.com/choice.js Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.82.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-82-59.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:39 GMT via 1.1 4699c08b44211e17f977ca0133ec5e8f.cloudfront.net (CloudFront) server AmazonS3 x-amz-cf-pop MUC50-C1 vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Error from cloudfront cache-control max-age=900 cross-origin-resource-policy cross-origin x-amz-cf-id 2LMCBi_BBhr3XmlL4zrZoL0ctUnELQMUYWg76gQU8lddyTyN6ykr8A==
GET H2	200	gtm.js Show response www.googletagmanager.com/	127 KB 48 KB	290ms 105ms	Script application/javascript	142.250.81.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59 Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.81.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s74-in-f8.1e100.net Software Google Tag Manager / Resource Hash 908891160b237afe20eaea37fe1adebe3cfd918a3cc3c400cbeb507de012e5d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:40 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48304 x-xss-protection 0 last-modified Fri, 10 Sep 2021 21:46:34 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 10 Sep 2021 22:17:40 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	270ms 86ms	Script text/javascript	142.250.80.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 11 Aug 2021 00:32:57 GMT server Golfe2 age 2187 date Fri, 10 Sep 2021 21:41:13 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Fri, 10 Sep 2021 23:41:13 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 9 KB	39ms 7ms	Script application/javascript	91.228.74.226 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:40 GMT content-encoding gzip etag "lp772EpWKwf8Kq7YKMhbuw==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Fri, 17 Sep 2021 22:17:40 GMT
GET H2	200	rules-p-d5x2uDVHd7ALE.js Show response rules.quantcount.com/	3 B 429 B	57ms 13ms	Script application/javascript	99.84.82.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.82.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-82-111.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 04:27:58 GMT via 1.1 5d6d1ee413c782ab05cc32e601576462.cloudfront.net (CloudFront) age 64183 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 3 last-modified Sat, 04 Mar 2017 20:57:48 GMT server AmazonS3 etag "8a80554c91d9fca8acb82f023de02f11" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop MUC50-C1 accept-ranges bytes x-amz-cf-id cqQr6XNQqS45TBJfWhKK-SLFRqgctQboCYQkfKITrz8dXOinUj0fsg==
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 217 B	99ms 98ms	XHR text/plain	142.250.80.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1726866928&t=pageview&_s=1&dl=https%3A%2F%2Faceptgmscontrc.webcindario.com%2Facpt%2Ftermservices.html&ul=en-us&de=UTF-8&dt=Cargando...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABCAAAAC~&jid=817528290&gjid=232530871&cid=1036523056.1631312261&tid=UA-597118-7&_gid=597899406.1631312261&_r=1&gtm=2wg910T2VG59&z=1739332877 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f14.1e100.net Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://aceptgmscontrc.webcindario.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 10 Sep 2021 22:17:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://aceptgmscontrc.webcindario.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 67 B	99ms 99ms	XHR text/plain	142.250.80.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1726866928&t=pageview&_s=1&dl=https%3A%2F%2Faceptgmscontrc.webcindario.com%2Facpt%2Ftermservices.html&ul=en-us&de=UTF-8&dt=Cargando...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABCAAAAC~&jid=244818777&gjid=530863662&cid=1036523056.1631312261&tid=UA-597118-1&_gid=597899406.1631312261&_r=1&gtm=2wg910T2VG59&z=694132055 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f14.1e100.net Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://aceptgmscontrc.webcindario.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 10 Sep 2021 22:17:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://aceptgmscontrc.webcindario.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 68 B	315ms 114ms	XHR text/plain	142.251.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-597118-7&cid=1036523056.1631312261&jid=817528290&gjid=232530871&_gid=597899406.1631312261&_u=YEBAAAAACAAAAC~&z=618502963 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS gm-in-f155.1e100.net Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://aceptgmscontrc.webcindario.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 10 Sep 2021 22:17:40 GMT content-type text/plain access-control-allow-origin https://aceptgmscontrc.webcindario.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 471 B	311ms 113ms	XHR text/plain	142.251.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-597118-1&cid=1036523056.1631312261&jid=244818777&gjid=530863662&_gid=597899406.1631312261&_u=YEDAAAABCAAAAC~&z=102356270 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS gm-in-f155.1e100.net Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://aceptgmscontrc.webcindario.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 10 Sep 2021 22:17:40 GMT content-type text/plain access-control-allow-origin https://aceptgmscontrc.webcindario.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 522 B	291ms 106ms	Image image/gif	142.250.65.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-597118-1&cid=1036523056.1631312261&jid=244818777&_u=YEDAAAABCAAAAC~&z=431991808 Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Fri, 10 Sep 2021 22:17:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	291ms 107ms	Image image/gif	142.250.65.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-597118-7&cid=1036523056.1631312261&jid=817528290&_u=YEBAAAAACAAAAC~&z=103143262 Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Fri, 10 Sep 2021 22:17:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response des.smartclip.net/	20 B 354 B	51ms 8ms	Script application/javascript	35.186.194.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://des.smartclip.net/ads?type=dyn&plc=75133&elementId=51b28ce66f640a8d6fcbbaa731c41c86d48506b6&sz=400x320&rnd=61287196 Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 101.194.186.35.bc.googleusercontent.com Software nginx/1.17.6 / Resource Hash 7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:48 GMT content-encoding gzip sc-supply-network 999999 vary Accept-Encoding p3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" via 1.1 google sc-uuid 767fee65-982e-4f2a-bbbb-877fed7daa76 access-control-allow-credentials true sc-device-type PC content-type application/javascript; charset=utf-8 alt-svc clear server nginx/1.17.6
GET H2	200	lz_loader.js Show response img.sunmediaads.com/ads/	112 KB 113 KB	140ms 9ms	Script text/javascript	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4 Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:48 GMT last-modified Sun, 05 Apr 2020 16:15:53 GMT etag "1586103353" x-hw 1631312268.dop239.fr8.t,1631312268.cds056.fr8.hn,1631312268.cds208.fr8.c content-type text/javascript cache-control max-age=1105 accept-ranges bytes content-length 115125
POST H3	200	607f6b0b381bbc1f64fa027d62891072_cookie.php Show response hosting.miarroba.info/ Frame 6DFB	46 B 727 B	284ms 265ms	Document text/html	104.21.80.217 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.217 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88 Request headers :method POST :authority hosting.miarroba.info :scheme https :path /607f6b0b381bbc1f64fa027d62891072_cookie.php content-length 162 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 origin https://aceptgmscontrc.webcindario.com content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://aceptgmscontrc.webcindario.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 Origin https://aceptgmscontrc.webcindario.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ Response headers date Fri, 10 Sep 2021 22:17:49 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding set-cookie __weslvu=1631312268; expires=Fri, 10-Sep-2021 23:17:48 GMT; Max-Age=3600; path=/; domain=hosting.miarroba.info cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dix9zPeN4hEkclcyWUnyPEyphmYsO%2By6yeSZFJz%2F3%2B%2FbU5Cx5QB7MlYuWYu1QEOmX5MyGcRkZ0%2B%2FaZcOVUBGRiXuAMh7YF7xlkLUSsmIKywPJDKm0%2B7KHCFF7RZBP0GiNBSNV%2BgqO0U%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 68cc074fc9d6412b-PRG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	zone.php Show response play.sunmediaads.com/red/	1005 B 2 KB	262ms 32ms	Script text/html	212.92.55.8 NEXICA-AS
General Check archive.org Show headers Download Go to Full URL https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=13721800610.018133839239979244 Requested by Host: img.sunmediaads.com URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 212.92.55.8 Vilanova de la Roca, Spain, ASN24592 (NEXICA-AS, ES), Reverse DNS unamed.nexica.net Software Apache / Resource Hash be5eeb099a1cf713146da66dd7c33e478e64d3c021a1a08fc21ba103064951a9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 10 Sep 2021 22:02:32 GMT Server Apache Connection close Content-Length 1005 Content-Type text/html; charset=UTF-8
GET H2	200	8c4105a4-90ec-434c-bf14-82b194e3019f.js Show response static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/	286 KB 92 KB	631ms 15ms	Script application/javascript	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash 71b7da004e0e2e47667c4fb5e3d81333c3d6d213298e22e7b5746f5588860d76 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:49 GMT content-encoding gzip tp-cache HIT last-modified Thu, 09 Sep 2021 09:22:55 GMT server nginx age 132726 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript cache-control max-age=0, s-maxage=2592001 access-control-allow-credentials true content-length 93930 accept-ranges bytes x-device mobile
GET H2	200	/ Show response servingcdn.net/	32 KB 32 KB	729ms 116ms	Script application/javascript	3.19.226.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click= Requested by Host: img.sunmediaads.com URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.19.226.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-19-226-146.us-east-2.compute.amazonaws.com Software nginx/1.20.0 / Express Resource Hash 69d9167c7a3ea5fccc993d229bdedfa8b48c9b4808bf2e2ed3258b6297d29043 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Fri, 10 Sep 2021 22:17:49 GMT server nginx/1.20.0 x-powered-by Express content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 32630 expires -1
GET H2	200	adblockDetector.min.js Show response static.sunmedia.tv/AdBlockDetection/	3 KB 2 KB	14ms 14ms	Script application/javascript	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=https%253A%252F%252Faceptgmscontrc.webcindario.com%252Facpt%252Ftermservices.html Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:49 GMT content-encoding gzip tp-cache HIT last-modified Mon, 21 Dec 2020 17:00:21 GMT server nginx age 344947 vary Accept-Encoding content-type application/javascript cache-control max-age=604800, s-maxage=2592000 x-device tablet accept-ranges bytes content-length 1634
GET H2	200	postscribe.min.js Show response cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/	17 KB 6 KB	54ms 20ms	Script application/javascript	104.16.19.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js Requested by Host: servingcdn.net URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 184773 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5117 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:38 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03faa-45f4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcQ%2FdHLxPS%2FIMl2GAQ3eXQbLADS3pMuNYOGUU6MvDqyoUsm%2FYMiTs2%2B2fsM8DZ5MwGcl7VcCjrhcufacxPeKFRPvePAxQCLYphJlbxrqLPwNcUoBWqu4FuWI1EOjRYufu7OiqzX%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 68cc0758ad124138-PRG expires Wed, 31 Aug 2022 22:17:50 GMT
GET H2	200	b50000f8-170a-4dc8-a66e-61993d94c500.js Show response static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/	284 KB 91 KB	14ms 14ms	Script application/javascript	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash a872016ed318842943d954a6f467678835caec5412dda7de548c038dac621697 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT content-encoding gzip tp-cache HIT last-modified Thu, 09 Sep 2021 09:23:00 GMT server nginx age 132833 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript cache-control max-age=0, s-maxage=2592001 access-control-allow-credentials true content-length 93229 accept-ranges bytes x-device tablet
GET H2	200	adblockDetector.min.js Show response static.sunmedia.tv/AdBlockDetection/	3 KB 2 KB	14ms 14ms	Script application/javascript	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=https%253A%252F%252Faceptgmscontrc.webcindario.com%252Facpt%252Ftermservices.html Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT content-encoding gzip tp-cache HIT last-modified Mon, 21 Dec 2020 17:00:21 GMT server nginx age 344948 vary Accept-Encoding content-type application/javascript cache-control max-age=604800, s-maxage=2592000 x-device tablet accept-ranges bytes content-length 1634
GET H2	200	geocity.php Show response services.sunmedia.tv/geotarget/	488 B 741 B	180ms 14ms	XHR application/json	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Full URL https://services.sunmedia.tv/geotarget/geocity.php Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash ab06daa3da0b89d5c1d177491f54e00dc1f000fcd790a4ec099cb6dfced9bb6c Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT tp-cache HIT server nginx age 968 vary Accept-Encoding content-type application/json access-control-allow-origin https://aceptgmscontrc.webcindario.com cache-control max-age=0, s-maxage=2592000 access-control-allow-credentials true x-device mobile accept-ranges bytes content-length 488
GET H2	200	outstream.json Show response static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/	3 KB 3 KB	44ms 14ms	XHR application/json	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash 8fa1f4e9501aa00a6ccc86f20c82a1f2d92601bf33ba69a09ed73722750e8874 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT tp-cache HIT last-modified Tue, 08 Jun 2021 11:59:20 GMT server nginx age 344948 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin * cache-control max-age=0, s-maxage=2592000 content-length 3049 accept-ranges bytes x-device mobile
GET H2	200	inhome-1-0.json Show response static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/	3 KB 3 KB	44ms 15ms	XHR application/json	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/inhome-1-0.json Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT tp-cache HIT last-modified Tue, 01 Dec 2020 14:41:43 GMT server nginx age 344947 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin * cache-control max-age=0, s-maxage=2592000 content-length 2788 accept-ranges bytes x-device mobile
GET H2	200	vd Show response jnxm2.com/ Frame 08D4	22 KB 22 KB	405ms 120ms	Document text/html	3.18.11.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://jnxm2.com/vd?ref=https%3A%2F%2Faceptgmscontrc.webcindario.com Requested by Host: servingcdn.net URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.18.11.53 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-18-11-53.us-east-2.compute.amazonaws.com Software nginx/1.20.0 / Express Resource Hash e050471d46c2455dafa4e9afc53bcf10bc59cf84d11e92a14bb976dd920797c8 Request headers :method GET :authority jnxm2.com :scheme https :path /vd?ref=https%3A%2F%2Faceptgmscontrc.webcindario.com pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://aceptgmscontrc.webcindario.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ Response headers date Fri, 10 Sep 2021 22:17:50 GMT content-type text/html; charset=utf-8 content-length 22196 server nginx/1.20.0 x-powered-by Express access-control-allow-origin * etag W/"56b4-FnMTAhU3vhJeLr/VtAhY7VHhM1w"
GET H2	200	pandg-sdk.js Show response pghub.io/js/	4 KB 2 KB	56ms 7ms	Script application/javascript	35.241.45.217 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pghub.io/js/pandg-sdk.js Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 217.45.241.35.bc.googleusercontent.com Software UploadServer / Resource Hash 443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:01:05 GMT content-encoding gzip age 1005 x-guploader-uploadid ADPycdtvV2AElspenB2i6EeWLeoHVCR3HLi2lvM5d98kMEiezepeqzq-f2yj_mZuJLPLVDkDBGlLKjvTw7UtchQdZg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1482 last-modified Wed, 07 Apr 2021 18:40:01 GMT server UploadServer etag "dd7e4933d35d1a7cb610442e9bea8b94" vary Accept-Encoding x-goog-hash crc32c=dtXWGA==, md5=3X5JM9NdGny2EEQum+qLlA== x-goog-generation 1617820801121016 cache-control public,max-age=3600 x-goog-stored-content-length 1482 accept-ranges bytes content-type application/javascript
GET H2	200	/ Show response sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/	301 B 311 B	77ms 13ms	Script text/javascript	162.55.233.28 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ Requested by Host: aceptgmscontrc.webcindario.com URL: https://aceptgmscontrc.webcindario.com/acpt/termservices.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.233.55.162.clients.your-server.de Software nginx/1.14.2 / Resource Hash f975f6accf0d8bc54c27a4368d05903a5587f1370e45a1cb674d9bbe0de6ab6a Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT content-encoding gzip server nginx/1.14.2 vary Accept-Encoding content-type text/javascript;charset=UTF-8
GET H2	200	/ track.sunmedia.tv/	42 B 278 B	111ms 18ms	Image image/gif	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=0&loop=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT tp-cache HIT last-modified Thu, 15 Nov 2018 09:59:07 GMT server nginx age 344948 vary Accept-Encoding content-type image/gif cache-control max-age=0, s-maxage=31536000 access-control-allow-credentials true x-device mobile accept-ranges bytes content-length 42
GET H2	200	pixel cm.g.doubleclick.net/ Redirect Chain https://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent} https://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent}&__user_check__=1&sync_id=ef7e8ab1-1284-11ec-b7a7-13ae17dc0306 https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=1&gdpr_consent=${gdpr_consent}	170 B 523 B	315ms 112ms	Image image/png	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=1&gdpr_consent=${gdpr_consent} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Fri, 10 Sep 2021 22:17:50 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 10 Sep 2021 22:17:50 GMT Server nginx Location //cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=1&gdpr_consent=${gdpr_consent} Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 141 Connection keep-alive Content-Length 0
GET H2	200	geocity.php Show response services.sunmedia.tv/geotarget/	488 B 741 B	16ms 16ms	XHR application/json	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Full URL https://services.sunmedia.tv/geotarget/geocity.php Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash ab06daa3da0b89d5c1d177491f54e00dc1f000fcd790a4ec099cb6dfced9bb6c Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT tp-cache HIT server nginx age 968 vary Accept-Encoding content-type application/json access-control-allow-origin https://aceptgmscontrc.webcindario.com cache-control max-age=0, s-maxage=2592000 access-control-allow-credentials true x-device mobile accept-ranges bytes content-length 488
GET H2	200	outstream.json Show response static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/	3 KB 3 KB	16ms 15ms	XHR application/json	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash 8fa1f4e9501aa00a6ccc86f20c82a1f2d92601bf33ba69a09ed73722750e8874 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT tp-cache HIT last-modified Tue, 08 Jun 2021 11:59:20 GMT server nginx age 344948 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin * cache-control max-age=0, s-maxage=2592000 content-length 3049 accept-ranges bytes x-device mobile
GET H2	200	inhome-1-0.json Show response static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/	3 KB 3 KB	15ms 14ms	XHR application/json	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/inhome-1-0.json Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT tp-cache HIT last-modified Tue, 01 Dec 2020 14:41:43 GMT server nginx age 344947 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin * cache-control max-age=0, s-maxage=2592000 content-length 2788 accept-ranges bytes x-device mobile
GET H2	200	/ track.sunmedia.tv/	42 B 278 B	75ms 17ms	Image image/gif	141.94.109.48 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=op&pb=1&pos=0&loop=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.94.109.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31438425.ip-141-94-109.eu Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT tp-cache HIT last-modified Thu, 15 Nov 2018 09:59:07 GMT server nginx age 344948 vary Accept-Encoding content-type image/gif cache-control max-age=0, s-maxage=31536000 access-control-allow-credentials true x-device mobile accept-ranges bytes content-length 42
GET H2	200	tag Show response pandg.tapad.com/ Frame DF2F	188 B 680 B	64ms 15ms	Document text/html	35.227.248.159 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Faceptgmscontrc.webcindario.com%2Facpt%2Ftermservices.html&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Business%22%7D Requested by Host: pghub.io URL: https://pghub.io/js/pandg-sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 159.248.227.35.bc.googleusercontent.com Software / Resource Hash 1240858c2b3a804e7ece1b8179a1d46c24690baba9c43bdb1bc49676b22e5455 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority pandg.tapad.com :scheme https :path /tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Faceptgmscontrc.webcindario.com%2Facpt%2Ftermservices.html&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Business%22%7D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://aceptgmscontrc.webcindario.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ Response headers date Fri, 10 Sep 2021 22:17:50 GMT strict-transport-security max-age=31536000 content-security-policy-report-only default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org content-type text/html;charset=utf-8 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" set-cookie TapAd_TS=1631312270524;Expires=Tue, 09 Nov 2021 22:17:50 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=44e67832-844d-4a31-b31f-5be5e33d3c0c;Expires=Tue, 09 Nov 2021 22:17:50 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None content-length 188 via 1.1 google alt-svc clear
GET H2	200	tag Show response pandg.tapad.com/ Frame DE40	188 B 429 B	62ms 15ms	Document text/html	35.227.248.159 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Faceptgmscontrc.webcindario.com%2Facpt%2Ftermservices.html&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D Requested by Host: pghub.io URL: https://pghub.io/js/pandg-sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 159.248.227.35.bc.googleusercontent.com Software / Resource Hash 164f460ef615ca036fb529c0a2b6673269fe795ca45631326d37b71bc2cc4708 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority pandg.tapad.com :scheme https :path /tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Faceptgmscontrc.webcindario.com%2Facpt%2Ftermservices.html&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://aceptgmscontrc.webcindario.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ Response headers date Fri, 10 Sep 2021 22:17:50 GMT strict-transport-security max-age=31536000 content-security-policy-report-only default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org content-type text/html;charset=utf-8 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" set-cookie TapAd_TS=1631312270524;Expires=Tue, 09 Nov 2021 22:17:50 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=29e81c11-b8d9-4f16-bab5-a72c44cd1964;Expires=Tue, 09 Nov 2021 22:17:50 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None content-length 188 via 1.1 google alt-svc clear
GET H2	200	/ Show response sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/ Frame 7CCE Redirect Chain https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=12283239 https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=12283239&rd=1	2 KB 973 B	21ms 21ms	Document text/html	162.55.233.28 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=12283239&rd=1 Requested by Host: sync.richaudience.com URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.233.55.162.clients.your-server.de Software nginx/1.14.2 / Resource Hash 02dd4c0d141b05ba895a11d15742c5c541314e74145f0e42dee9e8b451eec0ea Request headers :method GET :authority sync.richaudience.com :scheme https :path /b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=12283239&rd=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://aceptgmscontrc.webcindario.com/ accept-encoding gzip, deflate, br cookie pdid=5f13abda-dbce-44ea-892f-1zz1631312270 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aceptgmscontrc.webcindario.com/ Response headers server nginx/1.14.2 date Fri, 10 Sep 2021 22:17:50 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" set-cookie cmpsync=1; expires=Fri, 10-Sep-2021 22:18:00 GMT; Max-Age=10; path=/; domain=.richaudience.com; secure; HttpOnly; SameSite=None content-encoding gzip Redirect headers server nginx/1.14.2 date Fri, 10 Sep 2021 22:17:50 GMT content-type text/html; charset=UTF-8 location https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=12283239&rd=1 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" set-cookie pdid=5f13abda-dbce-44ea-892f-1zz1631312270; expires=Sun, 10-Oct-2021 22:17:50 GMT; Max-Age=2592000; path=/; domain=.richaudience.com; secure; HttpOnly; SameSite=None
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame E359	14 KB 5 KB	49ms 6ms	Document text/html	23.218.208.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Requested by Host: sync.richaudience.com URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=12283239&rd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-200.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.richaudience.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sync.richaudience.com/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=155409 expires Sun, 12 Sep 2021 17:27:59 GMT date Fri, 10 Sep 2021 22:17:50 GMT vary Accept-Encoding
GET H2	200	/ sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769/ Frame 7CCE Redirect Chain https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.richaudience.com%2Ff79aa10af28935c0f42d7bcb6a649769%3Fuid%3D%24%7BUSER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.richaudience.com%2Ff79aa10af28935c0f42d7bcb6a649769%3Fuid%3D%24%7BUSER_ID%7D&_test=YTvZjgAAAJnuWAAT https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769?uid=YTvZjgAAAJnuWAAT&_test=YTvZjgAAAJnuWAAT https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769/?uid=YTvZjgAAAJnuWAAT&_test=YTvZjgAAAJnuWAAT	95 B 346 B	14ms 14ms	Image image/png	162.55.233.28 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769/?uid=YTvZjgAAAJnuWAAT&_test=YTvZjgAAAJnuWAAT Requested by Host: sync.richaudience.com URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=12283239&rd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.233.55.162.clients.your-server.de Software nginx/1.14.2 / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.richaudience.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT server nginx/1.14.2 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/png Redirect headers location https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769/?uid=YTvZjgAAAJnuWAAT&_test=YTvZjgAAAJnuWAAT date Fri, 10 Sep 2021 22:17:50 GMT server nginx/1.14.2 content-length 185 content-type text/html
GET H2	200	/ sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 7CCE Redirect Chain https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=5f13abda-dbce-44ea-892f-1zz1631312270 https://x.bidswitch.net/ul_cb/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=5f13abda-dbce-44ea-892f-1zz1631312270 https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3... https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3... https://x.bidswitch.net/sync?dsp_id=429&user_id=b19cd5ae-c106-51fe-bb75-e49bda4e3d14&ssp=richaudience&expires=30&user_group=1 https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=4530b168-1d60-4e25-9840-df681704fe58&gdpr=&gdpr_consent=&us_ps=	95 B 360 B	14ms 14ms	Image image/png	162.55.233.28 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=4530b168-1d60-4e25-9840-df681704fe58&gdpr=&gdpr_consent=&us_ps= Requested by Host: sync.richaudience.com URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=12283239&rd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.233.55.162.clients.your-server.de Software nginx/1.14.2 / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.richaudience.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT server nginx/1.14.2 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/png Redirect headers location //sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=4530b168-1d60-4e25-9840-df681704fe58&gdpr=&gdpr_consent=&us_ps= date Fri, 10 Sep 2021 22:17:51 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	receive pixel.tapad.com/idsync/ex/ Frame DF2F Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=44e67832-844d-4a31-b31f-5be5e33d3c0c&gdpr=&gdpr_consent=${gdpr_consent} https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=44e67832-844d-4a31-b31f-5be5e33d3c0c&gdpr=&gdpr_consent=${gdpr_consent} https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d656a76-b76c-4603-b83a-ac860f92f476&ttd_puid=44e67832-844d-4a31-b31f-5be5e33d3c0c	95 B 420 B	21ms 16ms	Image image/png	35.227.248.159 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d656a76-b76c-4603-b83a-ac860f92f476&ttd_puid=44e67832-844d-4a31-b31f-5be5e33d3c0c Requested by Host: pandg.tapad.com URL: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Faceptgmscontrc.webcindario.com%2Facpt%2Ftermservices.html&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Business%22%7D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 159.248.227.35.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pandg.tapad.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT via 1.1 google content-type image/png alt-svc clear content-length 95 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Redirect headers pragma no-cache date Fri, 10 Sep 2021 22:17:50 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d656a76-b76c-4603-b83a-ac860f92f476&ttd_puid=44e67832-844d-4a31-b31f-5be5e33d3c0c cache-control private,no-cache, must-revalidate content-type text/html content-length 347
GET H2	200	receive pixel.tapad.com/idsync/ex/ Frame DE40 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=29e81c11-b8d9-4f16-bab5-a72c44cd1964&gdpr=&gdpr_consent=${gdpr_consent} https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=29e81c11-b8d9-4f16-bab5-a72c44cd1964&gdpr=&gdpr_consent=${gdpr_consent} https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d656a76-b76c-4603-b83a-ac860f92f476&ttd_puid=29e81c11-b8d9-4f16-bab5-a72c44cd1964	95 B 430 B	21ms 15ms	Image image/png	35.227.248.159 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d656a76-b76c-4603-b83a-ac860f92f476&ttd_puid=29e81c11-b8d9-4f16-bab5-a72c44cd1964 Requested by Host: pandg.tapad.com URL: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Faceptgmscontrc.webcindario.com%2Facpt%2Ftermservices.html&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 159.248.227.35.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pandg.tapad.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:50 GMT via 1.1 google content-type image/png alt-svc clear content-length 95 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Redirect headers pragma no-cache date Fri, 10 Sep 2021 22:17:50 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d656a76-b76c-4603-b83a-ac860f92f476&ttd_puid=29e81c11-b8d9-4f16-bab5-a72c44cd1964 cache-control private,no-cache, must-revalidate content-type text/html content-length 347
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame E359	2 KB 2 KB	496ms 160ms	Script text/html	104.36.113.23 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48385959&p=156538&s=156538&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash b3cdcf8551de4b6980f83bd60293d9b93e189f354dfdd802702b1e85d3b9b3fa Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:49 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 1569 content-type text/html; charset=UTF-8
GET H2	200	match Show response c1.adform.net/serving/cookie/ Frame 4FB2 Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&cid=894A7B09-FDBA-4E5A-B50B-6832447DAB74 https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=894A7B09-FDBA-4E5A-B50B-6832447DAB74	35 B 468 B	18ms 18ms	Document image/gif	37.157.4.41 ADFORM
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=894A7B09-FDBA-4E5A-B50B-6832447DAB74 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.41 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority c1.adform.net :scheme https :path /serving/cookie/match?CC=1&party=14&cid=894A7B09-FDBA-4E5A-B50B-6832447DAB74 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br cookie C=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx date Fri, 10 Sep 2021 22:17:51 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie uid=3472994863786244408; expires=Tue, 09 Nov 2021 22:17:51 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains Redirect headers server nginx date Fri, 10 Sep 2021 22:17:51 GMT content-length 0 location https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=894A7B09-FDBA-4E5A-B50B-6832447DAB74 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie C=1; expires=Sun, 10 Oct 2021 22:17:51 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	/ Show response sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame A80C	0 468 B	14ms 12ms	Document text/html	162.55.233.28 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=894A7B09-FDBA-4E5A-B50B-6832447DAB74 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.233.55.162.clients.your-server.de Software nginx/1.14.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :method GET :authority sync.richaudience.com :scheme https :path /a8c1b6a2754b510b088f624c91944bf3/?pmUserId=894A7B09-FDBA-4E5A-B50B-6832447DAB74 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br cookie pdid=5f13abda-dbce-44ea-892f-1zz1631312270; cmpsync=1; avcid-evt-uid=YTvZjgAAAJnuWAAT Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx/1.14.2 date Fri, 10 Sep 2021 22:17:51 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" set-cookie avcid-pmr-uid=894A7B09-FDBA-4E5A-B50B-6832447DAB74; expires=Thu, 09-Dec-2021 22:17:51 GMT; Max-Age=7776000; path=/; domain=.richaudience.com; secure; HttpOnly; SameSite=None avcid-pmt-uid=894A7B09-FDBA-4E5A-B50B-6832447DAB74; expires=Thu, 09-Dec-2021 22:17:51 GMT; Max-Age=7776000; path=/; domain=.richaudience.com; secure; HttpOnly; SameSite=None content-encoding gzip
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame E359 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iUp7Cf26Tlq1C2gyRH2rdA%3D%3D https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iUp7Cf26Tlq1C2gyRH2rdA%3D%3D&google_tc= https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=	14 KB 14 KB	7ms 6ms	Image text/html	23.218.208.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-200.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT content-encoding gzip last-modified Tue, 15 Jun 2021 06:08:03 GMT server Apache/2.2.15 (CentOS) etag "1300708-3945-5c4c7cc02bd56" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=155408 accept-ranges bytes content-type text/html; charset=UTF-8 content-length 5054 expires Sun, 12 Sep 2021 17:27:59 GMT Redirect headers pragma no-cache date Fri, 10 Sep 2021 22:17:51 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 272 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	451	420486.gif idsync.rlcdn.com/ Frame E359	0 66 B	85ms 24ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/420486.gif?partner_uid=894A7B09-FDBA-4E5A-B50B-6832447DAB74 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT via 1.1 google alt-svc clear content-length 0
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame E359 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3588613b-d98e-4b00-8e69-cdd57312ed41	0 259 B	475ms 155ms	Image text/plain	204.237.133.121 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3588613b-d98e-4b00-8e69-cdd57312ed41 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.237.133.121 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Fri, 10 Sep 2021 22:17:51 GMT Server MT3 3944 2bcb57b master zrh-pixel-x24 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3588613b-d98e-4b00-8e69-cdd57312ed41 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 10 Sep 2021 22:17:50 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame E359 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODk0QTdCMDktRkRCQS00RTVBLUI1MEItNjgzMjQ0N0RBQjc0&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODk0QTdCMDktRkRCQS00RTVBLUI1MEItNjgzMjQ0N0RBQjc0&gdpr=0&gdpr_consent=&google_tc= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 340 B	496ms 159ms	Image image/gif	104.36.113.17 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT cache-control no-store, no-cache, private x-lat sfopug012:0:266 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 10 Sep 2021 22:17:51 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame E359 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15	42 B 110 B	494ms 160ms	Image image/gif	104.36.113.17 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT cache-control no-store, no-cache, private x-lat sfopug011:0:549 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 10 Sep 2021 22:17:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 333 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame E359 Redirect Chain https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F8FED78BD214609A41775662B6D0BBB	42 B 303 B	315ms 160ms	Image image/gif	104.36.113.17 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F8FED78BD214609A41775662B6D0BBB Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT cache-control no-store, no-cache, private x-lat sfopug008:0:420 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers date Fri, 10 Sep 2021 22:17:51 GMT x-content-type-options nosniff server nginx location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F8FED78BD214609A41775662B6D0BBB strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 154 expires Thu, 09 Sep 2021 22:17:51 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame E359 Redirect Chain https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9136448935933272072&gdpr=0&gdpr_consent=&us_privacy=	1 B 162 B	409ms 155ms	Image text/html	204.237.133.120 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9136448935933272072&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.237.133.120 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT cache-control no-store, no-cache, private x-lat 10:0:577 server nginx content-type text/html; charset=utf-8 content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9136448935933272072&gdpr=0&gdpr_consent=&us_privacy= pragma no-cache date Fri, 10 Sep 2021 22:17:50 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame E359 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4d656a76-b76c-4603-b83a-ac860f92f476	42 B 603 B	452ms 154ms	Image image/gif	204.237.133.120 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4d656a76-b76c-4603-b83a-ac860f92f476 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.237.133.120 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT cache-control no-store, no-cache, private x-lat sv3pug010:0:316 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 10 Sep 2021 22:17:51 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4d656a76-b76c-4603-b83a-ac860f92f476 cache-control private,no-cache, must-revalidate content-type text/html content-length 313
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame E359 Redirect Chain https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTvZjgAAAJnuWAAT&gdpr=0&gdpr_consent=	1 B 251 B	479ms 154ms	Image text/html	204.237.133.120 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTvZjgAAAJnuWAAT&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.237.133.120 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT cache-control no-store, no-cache, private x-lat 10:0:506 server nginx content-type text/html; charset=utf-8 content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 10 Sep 2021 22:17:51 GMT via 1.1 varnish server Varnish x-timer S1631312271.107369,VS0,VE0 x-served-by cache-hhn4067-HHN x-cache HIT location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTvZjgAAAJnuWAAT&gdpr=0&gdpr_consent= cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	SPug Show response simage4.pubmatic.com/AdServer/ Frame E359	0 259 B	492ms 162ms	Script text/plain	104.36.113.24
General Check archive.org Show headers Download Go to Full URL https://simage4.pubmatic.com/AdServer/SPug?partnerID=156538&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.36.113.24 -, , ASN (), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 10 Sep 2021 22:17:51 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"