urlscan.io logo urlscan.io
SecurityTrails logo

w1.areturnersmagic.com Open in urlscan Pro
2606:4700:3031::ac43:a32c  Public Scan

Go To Rescan Add Verdict Report
URL: https://w1.areturnersmagic.com/
Submission: On July 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 14 countries across 104 domains to perform 412 HTTP transactions. The main IP is 2606:4700:3031::ac43:a32c, located in United States and belongs to CLOUDFLARENET, US. The main domain is w1.areturnersmagic.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 29th 2023. Valid for: a year.
This is the only time w1.areturnersmagic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 27 2606:4700:303... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.31 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
24 34.239.32.238 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1178:1:4... 35415 (WEBZILLA)
1 192.243.59.20 39572 (ADVANCEDH...)
5 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a04:4e42:200... 54113 (FASTLY)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 7 145.40.97.66 54825 (PACKET)
5 213.227.153.220 60781 (LEASEWEB-...)
5 2a02:6b8::90 208722 (GLOBAL_DC)
3 185.255.84.151 200271 (IGUANE-)
27 54.194.182.208 16509 (AMAZON-02)
3 8.2.109.168 46636 (NATCOWEB)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 3.227.161.48 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2.18.161.178 16625 (AKAMAI-AS)
4 66.225.223.95 3949 (NTTA-3946)
2 2a02:2638:d::4 44788 (ASN-CRITE...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 5 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
4 185.89.211.116 29990 (ASN-APPNEX)
1 151.101.65.108 54113 (FASTLY)
16 2a02:2638:d::2 44788 (ASN-CRITE...)
2 178.250.7.9 44788 (ASN-CRITE...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:2638:d::11 44788 (ASN-CRITE...)
2 2a02:6b8:a::a 208722 (GLOBAL_DC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
8 2a02:6b8:20::215 208722 (GLOBAL_DC)
1 2a02:6b8::184 208722 (GLOBAL_DC)
1 2a02:6b8::36 208722 (GLOBAL_DC)
4 80.77.87.166 46636 (NATCOWEB)
2 13.32.99.50 16509 (AMAZON-02)
2 54.76.205.5 16509 (AMAZON-02)
2 51.89.9.251 16276 (OVH)
2 4 185.86.139.104 201081 (SMARTADSE...)
3 17 185.80.39.216 27381 (CASALE-MEDIA)
4 4 23.218.164.71 16625 (AKAMAI-AS)
8 23.218.210.30 16625 (AKAMAI-AS)
5 23.35.236.201 16625 (AKAMAI-AS)
2 2600:9000:223... 16509 (AMAZON-02)
2 77.245.57.72 36057 (WEBAIR-IN...)
2 54.174.190.28 14618 (AMAZON-AES)
2 2606:2800:233... 15133 (EDGECAST)
9 9 185.89.210.122 29990 (ASN-APPNEX)
3 3 216.52.2.48 30282 (AS-INAPCD...)
2 216.52.2.39 32475 (SINGLEHOP...)
6 6 46.228.174.117 56396 (AMOBEE)
3 3 2001:678:cb4:... 56396 (AMOBEE)
4 4 193.0.160.130 54312 (ROCKETFUEL)
2 69.166.1.10 27630 (AS-XFERNET)
6 3.75.62.37 16509 (AMAZON-02)
2 2 23.22.136.75 14618 (AMAZON-AES)
3 18.195.140.8 16509 (AMAZON-02)
2 2 2.18.160.23 16625 (AKAMAI-AS)
2 7 198.47.127.19 62713 (AS-PUBMATIC)
2 30 52.210.15.1 16509 (AMAZON-02)
10 10 52.58.212.116 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
4 6 64.74.236.255 22075 (AS-OUTBRAIN)
3 3 34.98.64.218 396982 (GOOGLE-CL...)
4 4 52.3.201.139 14618 (AMAZON-AES)
4 2a05:d018:d29... 16509 (AMAZON-02)
2 2 52.21.85.14 14618 (AMAZON-AES)
4 4 2603:c020:400... 31898 (ORACLE-BM...)
2 38.91.45.7 398989 (DEEPINTENT)
4 6 70.42.32.31 22075 (AS-OUTBRAIN)
2 2 69.192.160.219 16625 (AKAMAI-AS)
3 3 34.254.137.118 16509 (AMAZON-02)
4 4 208.93.169.131 46244 (WEBMD-IDC...)
3 4 151.101.130.49 54113 (FASTLY)
11 13 142.250.185.194 15169 (GOOGLE)
8 15.197.193.217 16509 (AMAZON-02)
2 2 202.241.208.55 4694 (IDCF IDC ...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 3 52.46.143.56 16509 (AMAZON-02)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
2 2 3.220.208.235 14618 (AMAZON-AES)
2 2 65.9.66.64 16509 (AMAZON-02)
2 3 35.244.174.68 15169 (GOOGLE)
4 4 35.214.141.39 15169 (GOOGLE)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
4 7 185.86.138.153 201081 (SMARTADSE...)
4 6 37.157.4.25 198622 (ADFORM)
1 141.95.32.71 16276 (OVH)
1 178.250.1.9 44788 (ASN-CRITE...)
2 2 213.155.156.182 1299 (TWELVE99 ...)
22 198.47.127.205 3257 (GTT-BACKB...)
1 2 54.239.33.158 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 2 52.213.109.107 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 34.232.60.228 14618 (AMAZON-AES)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
4 69.173.144.165 26667 (RUBICONPR...)
1 69.173.151.100 26667 (RUBICONPR...)
2 2 18.195.46.16 16509 (AMAZON-02)
1 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 63.251.232.165 32475 (SINGLEHOP...)
1 2a05:d018:24:... 16509 (AMAZON-02)
1 198.47.127.20 ()
2 82.145.213.8 ()
10 10 52.30.162.52 ()
1 4 2606:4700:10:... ()
2 4 77.243.51.121 ()
3 3 141.94.170.64 ()
1 34.160.236.64 ()
2 2 31.172.81.158 ()
1 35.186.193.173 ()
1 195.5.165.20 ()
1 1 34.102.163.6 ()
1 98.98.134.243 ()
1 1 64.227.64.62 ()
1 23.88.86.2 ()
1 1 34.102.253.54 ()
412 100
27    2606:4700:3031::ac43:a32c (United States)

ASN13335 (CLOUDFLARENET, US)
w1.areturnersmagic.com
areturnersmagic.com
9    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
4    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    13.32.99.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-31.fra60.r.cloudfront.net
cdn.purpleads.io
5    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
24    34.239.32.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-32-238.compute-1.amazonaws.com
api.purpleads.io
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1178:1:4b::1a (Netherlands)

ASN35415 (WEBZILLA, NL)
vengeful-egg.com
1    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
warlockstallioniso.com
5    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2606:4700:20::ac43:4a5d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prplads.com
3    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
6    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
7    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
5    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
3    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
27    54.194.182.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    8.2.109.168 (United States)

ASN46636 (NATCOWEB, US)
prebid.admanmedia.com
3    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
4    3.227.161.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-161-48.compute-1.amazonaws.com
1x1.a-mo.net
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
13    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com
images.outbrainimg.com
4    66.225.223.95 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com
log.outbrainimg.com
2    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
adsdkprod.azureedge.net
5    2a02:26f0:f700:9::58dd:5c18 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
4    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs-simple.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs-simple.com
16    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
1    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
8    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
1    2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
avatars.mds.yandex.net
1    2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
favicon.yandex.net
4    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    13.32.99.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-50.fra60.r.cloudfront.net
public.servenobid.com
2    54.76.205.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-205-5.eu-west-1.compute.amazonaws.com
g2.gumgum.com
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
17    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
4    23.218.164.71 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-164-71.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2600:9000:223f:1e00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
2    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    54.174.190.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-190-28.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    2606:2800:233:f76:14f7:d635:25c4:c8d7 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
9    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
6    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.22.136.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-136-75.compute-1.amazonaws.com
ssp.disqus.com
3    18.195.140.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-140-8.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
7    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
30    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
10    52.58.212.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-212-116.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
6    64.74.236.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
sync.outbrain.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    52.3.201.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-201-139.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    2a05:d018:d29:3605:4d2e:1255:2706:70af (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    52.21.85.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-85-14.compute-1.amazonaws.com
sync.ipredictive.com
4    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
6    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    34.254.137.118 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-137-118.eu-west-1.compute.amazonaws.com
ad.360yield.com
4    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
13    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
8    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
2    3.220.208.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-208-235.compute-1.amazonaws.com
i.liadm.com
2    65.9.66.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-64.fra56.r.cloudfront.net
live.rezync.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
4    35.214.141.39 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 39.141.214.35.bc.googleusercontent.com
csync.loopme.me
3    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
7    185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
6    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    141.95.32.71 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-006.roqad.pl
wt.rqtrk.eu
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
22    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
simage2.pubmatic.com
2    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.213.109.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-109-107.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    34.232.60.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-60-228.compute-1.amazonaws.com
a.audrte.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    18.195.46.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-46-16.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
3    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
2    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    2a05:d018:24:b002:5b08:cd2d:1e37:b69e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
2    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
10    52.30.162.52 (None, )

ASN- ()
match.prod.bidr.io
4    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
spl.zeotap.com
4    77.243.51.121 (None, )

ASN- ()
uipglob.semasio.net
3    141.94.170.64 (None, )

ASN- ()
pixel.onaudience.com
1    34.160.236.64 (None, )

ASN- ()
odr.mookie1.com
2    31.172.81.158 (None, )

ASN- ()
sync.bumlam.com
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    34.102.163.6 (None, )

ASN- ()
ad.mrtnsvr.com
1    98.98.134.243 (None, )

ASN- ()
pixel-sync.sitescout.com
1    64.227.64.62 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    23.88.86.2 (None, )

ASN- ()
matching.truffle.bid
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
35 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 812
image2.pubmatic.com — Cisco Umbrella Rank: 1036
simage2.pubmatic.com — Cisco Umbrella Rank: 797
simage4.pubmatic.com
55 KB
32 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1920
usersync.gumgum.com — Cisco Umbrella Rank: 2074
10 KB
29 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3004
public.servenobid.com — Cisco Umbrella Rank: 5241
18 KB
27 areturnersmagic.com
w1.areturnersmagic.com
areturnersmagic.com
485 KB
26 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 99349
api.purpleads.io — Cisco Umbrella Rank: 39264
42 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
330 KB
21 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
78 KB
18 criteo.net
static.criteo.net — Cisco Umbrella Rank: 568
csm.eu.criteo.net — Cisco Umbrella Rank: 7838
117 KB
17 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160
eus.rubiconproject.com — Cisco Umbrella Rank: 616
token.rubiconproject.com — Cisco Umbrella Rank: 652
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1199
46 KB
17 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
dsum.casalemedia.com — Cisco Umbrella Rank: 1666
14 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 988
assets.a-mo.net — Cisco Umbrella Rank: 2228
1x1.a-mo.net — Cisco Umbrella Rank: 3118
30 KB
11 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 922
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623
6 KB
11 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 24291
b1sync.zemanta.com — Cisco Umbrella Rank: 573
3 KB
10 bidr.io
match.prod.bidr.io
6 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
3 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
2 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
secure.adnxs.com — Cisco Umbrella Rank: 469
6 KB
9 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1574
mp.4dex.io — Cisco Umbrella Rank: 2835
74 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
2 KB
8 yastatic.net
yastatic.net — Cisco Umbrella Rank: 5573
199 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
113 KB
7 admanmedia.com
prebid.admanmedia.com — Cisco Umbrella Rank: 46361
cs.admanmedia.com — Cisco Umbrella Rank: 1124
1 KB
7 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 18293
yandex.ru — Cisco Umbrella Rank: 1687
287 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
4 KB
6 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 778
2 KB
6 technoratimedia.com
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 3909
sync.technoratimedia.com — Cisco Umbrella Rank: 1634
14 KB
6 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 7742
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9015
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13879
dis.criteo.com — Cisco Umbrella Rank: 608
107 KB
6 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2218
log.outbrainimg.com — Cisco Umbrella Rank: 2371
50 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3605
onesignal.com — Cisco Umbrella Rank: 1284
img.onesignal.com — Cisco Umbrella Rank: 7418
95 KB
5 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 333
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025
4 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 613
3 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1060
ap.lijit.com — Cisco Umbrella Rank: 782
3 KB
5 adnxs-simple.com
ams3-ib.adnxs-simple.com — Cisco Umbrella Rank: 20995
cdn.adnxs-simple.com — Cisco Umbrella Rank: 14619
30 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 59
7 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
1 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1061
1 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 796
1 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 651
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
2 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 977
3 KB
4 prplads.com
cdn.prplads.com — Cisco Umbrella Rank: 64128
304 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 113
www.google.com — Cisco Umbrella Rank: 10
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
4 KB
3 onaudience.com
pixel.onaudience.com
pixel-eu.onaudience.com Failed
1 KB
3 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 4168
pubmatic-match.dotomi.com
387 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 25056
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 22775
897 B
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777
1 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 428
872 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 494
962 B
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 670
846 B
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 496
692 B
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 566
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1067
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
169 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3835
858 B
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
4 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
region1.google-analytics.com — Cisco Umbrella Rank: 1623
21 KB
2 bumlam.com
sync.bumlam.com
1 KB
2 opera.com
t.adx.opera.com
824 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1657
565 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2972
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 955
485 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 862
872 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5037
562 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1580
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 697
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1109
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 597
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1137
60 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1072
930 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5907
748 B
2 media.net
hbx.media.net — Cisco Umbrella Rank: 1413
886 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1581
418 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1113
912 B
2 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 4317
739 B
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1435
320 B
2 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5096
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 857
2 yandex.net
avatars.mds.yandex.net — Cisco Umbrella Rank: 6806
favicon.yandex.net — Cisco Umbrella Rank: 8731
9 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
10 KB
1 playground.xyz
ads.playground.xyz
464 B
1 truffle.bid
matching.truffle.bid
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 sitescout.com
pixel-sync.sitescout.com
187 B
1 mrtnsvr.com
ad.mrtnsvr.com
308 B
1 iprom.net
core.iprom.net
282 B
1 ctnsnet.com
ipac.ctnsnet.com
369 B
1 mookie1.com
odr.mookie1.com
213 B
1 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1904
67 B
1 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2962
111 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1659
350 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 24028
269 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1372
465 B
1 azureedge.net
adsdkprod.azureedge.net — Cisco Umbrella Rank: 55775
25 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 10774
6 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1129
603 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
76 KB
1 warlockstallioniso.com
warlockstallioniso.com — Cisco Umbrella Rank: 995001
1 vengeful-egg.com
vengeful-egg.com — Cisco Umbrella Rank: 704989
450 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
33 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
412 104
Domain Requested by
30 usersync.gumgum.com 2 redirects g2.gumgum.com
ads.pubmatic.com
27 ads.servenobid.com cdn.prplads.com
public.servenobid.com
g2.gumgum.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
ads.pubmatic.com
25 w1.areturnersmagic.com w1.areturnersmagic.com
24 api.purpleads.io cdn.purpleads.io
w1.areturnersmagic.com
16 static.criteo.net ads.eu.criteo.com
15 simage2.pubmatic.com ads.pubmatic.com
13 cm.g.doubleclick.net 11 redirects g2.gumgum.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 match.prod.bidr.io 10 redirects
10 x.bidswitch.net 10 redirects
9 pagead2.googlesyndication.com w1.areturnersmagic.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 match.adsrvr.org g2.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
public.servenobid.com
8 eus.rubiconproject.com public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
8 yastatic.net yandex.ru
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 image2.pubmatic.com ads.pubmatic.com
7 rtb-csync.smartadserver.com 4 redirects ssbsync.smartadserver.com
7 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
7 image6.pubmatic.com 2 redirects ads.pubmatic.com
7 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
g2.gumgum.com
ssum-sec.casalemedia.com
7 prebid.a-mo.net 2 redirects cdn.prplads.com
6 c1.adform.net 4 redirects ads.pubmatic.com
6 b1sync.zemanta.com 4 redirects ssbsync.smartadserver.com
6 sync.outbrain.com 4 redirects g2.gumgum.com
6 ups.analytics.yahoo.com public.servenobid.com
ads.pubmatic.com
6 ib.adnxs.com 6 redirects
6 script.4dex.io cdn.prplads.com
script.4dex.io
5 sync.1rx.io 5 redirects
5 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
5 www.bing.com 2 redirects w1.areturnersmagic.com
5 bs.yandex.ru cdn.prplads.com
w1.areturnersmagic.com
5 b1h-euc1.zemanta.com cdn.prplads.com
5 fonts.gstatic.com fonts.googleapis.com
4 uipglob.semasio.net 2 redirects
4 token.rubiconproject.com eus.rubiconproject.com
4 csync.loopme.me 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 bh.contextweb.com 4 redirects
4 sync.technoratimedia.com 4 redirects
4 pr-bh.ybp.yahoo.com g2.gumgum.com
ads.pubmatic.com
4 sync.srv.stackadapt.com 4 redirects
4 p.rfihub.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 ssbsync.smartadserver.com 2 redirects public.servenobid.com
4 cs.admanmedia.com cdn.prplads.com
g2.gumgum.com
4 ams3-ib.adnxs-simple.com assets.a-mo.net
w1.areturnersmagic.com
cdn.adnxs-simple.com
4 log.outbrainimg.com cdn.purpleads.io
w1.areturnersmagic.com
4 1x1.a-mo.net w1.areturnersmagic.com
4 cdn.prplads.com cdn.purpleads.io
4 fonts.googleapis.com w1.areturnersmagic.com
googleads.g.doubleclick.net
cdn.purpleads.io
3 pixel.onaudience.com 3 redirects
3 mwzeom.zeotap.com ads.pubmatic.com
3 dsp.adfarm1.adition.com 3 redirects
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
3 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
3 creativecdn.com 3 redirects
3 ad.360yield.com 3 redirects
3 us-u.openx.net 3 redirects
3 secure.adnxs.com 3 redirects
3 match.sharethrough.com public.servenobid.com
ssbsync.smartadserver.com
3 ad.turn.com 3 redirects
3 ce.lijit.com 3 redirects
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 onesignal.com cdn.onesignal.com
3 mp.4dex.io cdn.prplads.com
3 prebid.admanmedia.com cdn.prplads.com
3 hb-api.omnitagjs.com cdn.prplads.com
3 cdn.jsdelivr.net cdn.prplads.com
2 sync.bumlam.com 2 redirects
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 t.adx.opera.com ads.pubmatic.com
2 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 tg.socdm.com 2 redirects
2 stags.bluekai.com 2 redirects
2 match.deepintent.com g2.gumgum.com
2 sync.ipredictive.com 2 redirects
2 pool.admedo.com 2 redirects
2 hbx.media.net 2 redirects
2 ssp.disqus.com 2 redirects
2 sync.go.sonobi.com public.servenobid.com
2 ap.lijit.com public.servenobid.com
2 ad-cdn.technoratimedia.com public.servenobid.com
2 cs-server-s2s.yellowblue.io public.servenobid.com
2 sync.adkernel.com public.servenobid.com
2 cs-rtb.minutemedia-prebid.com public.servenobid.com
2 onetag-sys.com public.servenobid.com
2 g2.gumgum.com public.servenobid.com
2 public.servenobid.com cdn.prplads.com
2 yandex.ru w1.areturnersmagic.com
yandex.ru
2 csm.eu.criteo.net ads.eu.criteo.com
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 cat.fr3.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 images.outbrainimg.com cdn.purpleads.io
w1.areturnersmagic.com
2 adservice.google.com pagead2.googlesyndication.com
2 www.google-analytics.com w1.areturnersmagic.com
www.google-analytics.com
2 cdn.onesignal.com w1.areturnersmagic.com
cdn.onesignal.com
2 areturnersmagic.com 2 redirects
2 cdn.purpleads.io w1.areturnersmagic.com
1 ads.playground.xyz 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com
1 ad.mrtnsvr.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 odr.mookie1.com
1 simage4.pubmatic.com ads.pubmatic.com
1 sync.tidaltv.com ssbsync.smartadserver.com
1 casale-match.dotomi.com 1 redirects
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 a.audrte.com ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 favicon.yandex.net
1 avatars.mds.yandex.net
1 img.onesignal.com w1.areturnersmagic.com
1 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
1 adsdkprod.azureedge.net adsdk.microsoft.com
1 cdn.adnxs-simple.com assets.a-mo.net
1 adsdk.microsoft.com assets.a-mo.net
1 assets.a-mo.net cdn.prplads.com
1 region1.google-analytics.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.google-analytics.com
1 warlockstallioniso.com w1.areturnersmagic.com
1 vengeful-egg.com w1.areturnersmagic.com
1 code.jquery.com w1.areturnersmagic.com
0 pixel-eu.onaudience.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
412 147

This site contains links to these domains. Also see Links.

Domain
areturnersmagic.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-29 -
2024-01-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.purpleads.io
Amazon RSA 2048 M02		 2023-02-24 -
2023-11-29		 9 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
vengeful-egg.com
R3		 2023-05-21 -
2023-08-19		 3 months crt.sh
warlockstallioniso.com
R3		 2023-07-06 -
2023-10-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
prplads.com
GTS CA 1P5		 2023-06-17 -
2023-09-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.a-mo.net
R3		 2023-06-12 -
2023-09-10		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-04-08 -
2023-10-07		 6 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-13 -
2023-08-10		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2023-04-07 -
2024-04-01		 a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2023-02-27 -
2024-03-29		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.azureedge.net
Microsoft Azure TLS Issuing CA 05		 2023-04-20 -
2024-04-14		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-03 -
2023-08-27		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-07 -
2023-08-30		 3 months crt.sh
r.bing.com
Microsoft RSA TLS CA 01		 2022-11-15 -
2023-11-15		 a year crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2023-06-21 -
2023-12-19		 6 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-18 -
2023-08-18		 3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-07-10 -
2024-01-07		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.avatars.mds.yandex.net
GlobalSign RSA OV SSL CA 2018		 2023-03-06 -
2023-10-06		 7 months crt.sh
favicon.yandex.net
GlobalSign ECC OV SSL CA 2018		 2023-06-02 -
2023-11-01		 5 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.technoratimedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.audrte.com
Amazon RSA 2048 M01		 2023-02-08 -
2024-03-08		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-08 -
2024-07-08		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh

This page contains 98 frames:

Primary Page: https://w1.areturnersmagic.com/
Frame ID: A24122C28275B5245302FF05579B47F1
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: 5E18B3A630C9310A4026E553605ABC6D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3327298579154787&output=html&adk=1812271804&adf=3025194257&lmt=1689492589&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fw1.areturnersmagic.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689527226654&bpp=4&bdt=361&idt=393&shv=r20230711&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2023942858174&frm=20&pv=2&ga_vid=303911924.1689527227&ga_sid=1689527227&ga_hid=1098086231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C42532278%2C42532280%2C44759842%2C31075849%2C31075881%2C31076130%2C44788442%2C44796477&oid=2&pvsid=1297263027343578&tmod=16652058&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=415
Frame ID: 95E18C3525B6A22BCE3FE48982C11EFD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.prplads.com/prebid-2023-07-11.js
Frame ID: 2FB0C1EFF55AAAD73A75F502A236F822
Requests: 13 HTTP requests in this frame

Frame: https://assets.a-mo.net/js/c.js
Frame ID: 57D14B227F160551EDDD10BEFD1496C4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 22C862C55B8A65CEFE446396E7DAC875
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8E7EBAFD69A3C2269DF08A60EC312E2D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6538735A2BC9B1EE73C5B8F17B6C84DF
Requests: 6 HTTP requests in this frame

Frame: https://cdn.prplads.com/prebid-2023-07-11.js
Frame ID: BF8D5B8475C9CC016D130CD083151DFE
Requests: 13 HTTP requests in this frame

Frame: https://cdn.prplads.com/prebid-2023-07-11.js
Frame ID: BF57ED8B5063A27B5EF93DEFAE23E861
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: 8ACADAE48A2629767C6D0365A173EB8A
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Frame ID: 4D51BDDA6D2E25A479DE2E090A7B60C5
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Frame ID: F4E093AFE9D44EDADC7D035AF2CD46E4
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 47ADF9BAF078AC9AF9C74658FCFBFCF0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EDA9ED4EFD60E697A3AC4E4DC4DF8BAE
Requests: 2 HTTP requests in this frame

Frame: https://yandex.ru/ads/system/context.js
Frame ID: 5B6EEB4334BC1012DB91862CB9C41157
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 4D358A6E2B2EDB577C2F6DF352A09424
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E74F8A7D2609A20D980ABB56A67BE17A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A03CC9F1300B0F644F07DE64155355D4
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: C1A384F8F96F1F16A195F8641A85BA8B
Requests: 5 HTTP requests in this frame

Frame: https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Frame ID: 5A709F83FB54CD6EEF1704621F3CE8EB
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 33B1314236996F21EFB72A0178BCD099
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: B2DD319A142E8F2D8BCE8D4E6ED4844E
Requests: 13 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 357486267561D4B4EBA0990E54678428
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 63EB7495E969CFA9FBD9A82FFE82DA1D
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: E269A3F38901A6A641F63F46E08550D4
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 1AE55B05C829950293C1CB1F7A946EC5
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 39A710E8D5080C9ED7758B33BA2D3E17
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: B973CB1544551E86E4E00B8E5DA0F0B7
Requests: 21 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: A3EBEAD1DE49DCF72493A58A4C1F193D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 1F69450652F33F05806E3717C043C312
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 3A1F76E1650E3EE40A8F21FD2D62B2C9
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Frame ID: C8D4C155E2F52E5F49AA0065E888BC49
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZLQjvwABU1BsXQAb&gdpr=0&gdpr_consent=&_test=ZLQjvwABU1BsXQAb
Frame ID: 8EC2D1D78A21C4E540294E7D70C8EEB1
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYWI0YTRiNi1hNThjLTQyNTQtOGFiZS01NDU1NTYzNWRkYmI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: E54B3F41B54D5BD0F07543D789370E66
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 104C9A4E28ABEBC16A501663BB4970A2
Requests: 10 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 971745F4528B3B3A61294C9836BA9F2B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZLQjwMCo5tIAAIloUlcAAAAA
Frame ID: E82D385C8033CCF0168E4A8981CAD988
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 2509AE29C6D07AD1841DBC1EED3956BC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: C593BD6F6EF5D72F63A59A60B6E714F8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=PCx90RSeVwCBgeJM2NCs&pi=gumgum&tc=1
Frame ID: 3DB937C80B1F682B1DEA34E6B89D3B38
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: D4F582336F7D374F95906594ABA06B67
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 38497B6CB17D7AFC87A803E58A50C150
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4269914026473427936
Frame ID: E8CD7D91243A64F84AD0F90488F6BC6C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433828863579194
Frame ID: A216FF6C5923E21F5146A28803913FA7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 1F89F6C6BEB2A402BA15B24FE4C2D094
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=i3OarY90mv-QI8j4iHHV_dh1wauQJJv92yEjSU8X
Frame ID: C234BE40E3791D4B743523CFFF15B6FE
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Frame ID: D27647AFD28ED42504496ACF792FBC97
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Frame ID: 9D41B0F3DE74235446C12F472BF46423
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 2E85DA555EED070425E38029D05811D4
Requests: 13 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: CDF5A9FA69E56F2525F79F05D7DFE8B0
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: E4F4DB46357BD1B7AB1E2D4D57770B42
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 3D13DFC22EBA173251DDB3D03A8C5ACB
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 205456ECC105E3921808DE6BB17F92C1
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 806E58BE0F3E347039AFFF7905A8FC16
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 29CF596FB3FA2F596A63CF5C3EB9E8A0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: CB9E1F84C653579FCD6B105595D99698
Requests: 4 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 6CC2EA732BE14101F2AC81AB84245626
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 716914299E04F3DB2427AE9733C6EDDA
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: EBD2120F4E3339F5DABBC9782C78C98A
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Frame ID: 79196861FE0C1D5E301C3CE7ACEF00F3
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZLQjvwABU1BsXQAb&gdpr=0&gdpr_consent=
Frame ID: C2F1795B7750C09913FF128F4059354C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYWI0YTRiNi1hNThjLTQyNTQtOGFiZS01NDU1NTYzNWRkYmI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: E085F2492182900A9B35F0BC4F7F2AE5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: D59D8E9B6A01C6B580D2FF88678661FF
Requests: 3 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: C0F30091C20EC300774AC36221DB8988
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZLQjwMCo5tAAAO2JsdAAAAAA
Frame ID: 0F3E02ADB8047E06DEC980F4FDE55E66
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: FFF1281F806E4697AA9C4D931C04477E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 5912806C007CD4CABD055659C29E370A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=PCx90RSeVwCBgeJM2NCs&pi=gumgum
Frame ID: 7B4A6521801FDD5C35B1FF742FEA4D6E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: FBCD3C8EAA05B591AA542943933AD362
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Frame ID: 93213B186958ED1DFBE917BE508E79DF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1703393660974163132&gdpr=0&gdpr_consent=
Frame ID: 378E79A0A9EC145E0EF0326EC49B2D9C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256464202877761691&gdpr=0&gdpr_consent=
Frame ID: 659A26CB645DD0047E76E61FF82866C1
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: AAE95460B86F1615F49F1446AFF83DE5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UJ-xS0QdWv92kKyNkepzScEg-N4&gdpr=0&gdpr_consent=
Frame ID: 5979FA25271A54DC138B4754F9A9853C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEF6U7JaEgAACSXVPokZg&gdpr=0&gdpr_consent=
Frame ID: F1E7E4534CBC42D6566ADDC347E0FDDF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Frame ID: 0A7DC10309652E66E789C0F86F08A95B
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Frame ID: 65792C80E90154E8F4BD8CFAD0A51B01
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1703393660974163132&gdpr=0&gdpr_consent=
Frame ID: C0AA250E7B6BBE74D2568D94AE25372B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256464202877761691&gdpr=0&gdpr_consent=
Frame ID: A496B52519BF9BECAF19D202F8644AD2
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 00FCDDBB76CE785085ADD4E868E3CD39
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UJ-xS0QdWv92kKyNkepzScEg-N4&gdpr=0&gdpr_consent=
Frame ID: 6FB3870E68858C9FA4D4F4B276441C08
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEF6U7JaEgAACSXVPokZg&gdpr=0&gdpr_consent=
Frame ID: 687151AEE1F9F15B81D02E8E572C3A5D
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Frame ID: 86A6A7D091537CD40B8F267E051BEA68
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 000B3B43B078132A4AD3515FD3FC7B73
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: D197DA5A89677585628B7E43121D2E4D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: FF341F3CB62459E86904E1B88288767F
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 22D115E9E472440C63135357AC4DA5B2
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 633CC4FA865ECCD343E28B5DF9CBE2F8
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 385429DE3E0C40EDE9857DF7D9394065
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 84534B8BBDC4610CF4EF54D0C0E74330
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Frame ID: 8323B12D6E1A676173C62666538CED4E
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Frame ID: 9AF8F9D37DE59B9A6EF76867EC18BD2B
Requests: 1 HTTP requests in this frame

Frame: https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
Frame ID: C6AFF0A738493717C8969ED80C99006A
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 1A546FD6FB22B19B0CB4C45E257C57B6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:317F0B4C0A6E4EBAAC10BB996C32E086&gdpr=0&gdpr_consent=
Frame ID: C3C006AC4A9C58C6F135FFBD0AB6FB0E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3752493873
Frame ID: 402EDE752D3DFEDE32D16CA51E26E785
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Frame ID: 55C8E42AE54DC7045C1EA4F75ED2121F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Read A Returners Magic Should Be Special Manga - [English Version]

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

412
Requests

81 %
HTTPS

32 %
IPv6

104
Domains

147
Subdomains

100
IPs

14
Countries

2883 kB
Transfer

7773 kB
Size

103
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg HTTP 301
  • https://w1.areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg
Request Chain 34
  • https://areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg HTTP 301
  • https://w1.areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg
Request Chain 98
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=17290c1b-355f-4505-8377-125b840d13a3&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=a2c91c62-4312-4faa-97a0-f7690b9b1518&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dce8d94da482f4a12bf8a3a4da3490b65%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=20752057&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=2562992547927724768 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ce8d94da482f4a12bf8a3a4da3490b65&SNR=1&GV=2&med=10
Request Chain 144
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 194
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=17290c1b-355f-4505-8377-125b840d13a3&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=a2c91c62-4312-4faa-97a0-f7690b9b1518&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dce8d94da482f4a12bf8a3a4da3490b65%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=20752057&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=2562992547927724768 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ce8d94da482f4a12bf8a3a4da3490b65&tids=15000&med=10
Request Chain 214
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 215
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 221
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1703393660974163132
Request Chain 222
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=G_cDtRZH7KXJ5lahTsyJNhWl
Request Chain 224
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1689527231600 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5943410751 HTTP 302
  • https://sync.1rx.io/usersync/turn/2346221417666266858?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-beb6e022-1668-478f-8c2e-cd407d37b339-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-beb6e022-1668-478f-8c2e-cd407d37b339-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-beb6e022-1668-478f-8c2e-cd407d37b339-003
Request Chain 225
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5107433828863579194
Request Chain 227
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=
Request Chain 229
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-8cc47e64-1532-3073-ae1b-917c140e6f54
Request Chain 232
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 234
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1703393660974163132
Request Chain 235
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=356a0356-b8dd-4c4b-8b30-caff3016ad84&user_group=1&ssp=gumgum2&bsw_param=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 236
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28l2D_px-lTD5gfds4rUVVD4iFMpI3BVBDF5ddscQhI3AcNaGCSmRJwHM-dlOMPIc0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28l2D_px-lTD5gfds4rUVVD4iFMpI3BVBDF5ddscQhI3AcNaGCSmRJwHM-dlOMPIc0%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&obuid=ENC(l2D_px-lTD5gfds4rUVVD4iFMpI3BVBDF5ddscQhI3AcNaGCSmRJwHM-dlOMPIc0)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 237
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=7ccf147b-be40-42b0-afe1-05916dd5b74b
Request Chain 238
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-509fb14b-441d-5aff-7690-ac8d91ea7349$ip$193.32.248.222
Request Chain 240
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=f0a7105c-b31e-493c-9bbf-f52d940d3386
Request Chain 241
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 243
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=cx0gUpUFTRqfRChG1oDZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Y3YGBTVK4CVIZKFE4LGKJBWQRZRN5CFUJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Y3YGBTVK4CVIZKFE4LGKJBWQRZRN5CFUJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=cx0gUpUFTRqfRChG1oDZ&us_privacy=1---
Request Chain 244
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=af8ef094-3336-417b-b157-4a6cafeb9aa5
Request Chain 245
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=sCezRsQ8U64z&ev=1&pid=558355
Request Chain 246
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5945908886327755583
Request Chain 248
  • https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99 HTTP 307
  • https://ads.servenobid.com/sync?pid=362&uid=GDPR
Request Chain 249
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZLQjvwABU1BsXQAb HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZLQjvwABU1BsXQAb&gdpr=0&gdpr_consent=&_test=ZLQjvwABU1BsXQAb
Request Chain 253
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZLQjwMCo5tIAAIloUlcAAAAA
Request Chain 256
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=PCx90RSeVwCBgeJM2NCs&pi=gumgum&tc=1
Request Chain 257
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKnsR7mRHOeLMvuGxgnBv0&google_cver=1
Request Chain 259
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLQjv0Rt8zi6KxDvRkE53QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMVGNy7CkQgKBxdTvijVS0Y&google_cver=1
Request Chain 261
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 262
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bcd7fc83-2bf0-4fbd-b52a-12e3abe9c3b7
Request Chain 263
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZLQjv0Rt8zi6KxDvRkE53QAA%265181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZLQjv0Rt8zi6KxDvRkE53QAA%265181&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a49bc3846e8d41d3bd0b6d21d42997fd HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a49bc384-6e8d-41d3-bd0b-6d21d42997fd HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=19b41951-2ebb-4c46-9ee0-37466dd20337%3A1689527233.0246456&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D19b41951-2ebb-4c46-9ee0-37466dd20337%253A1689527233.0246456%26_%3D1689527233.1149983&cb=1689527233.1150444 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433828863579194&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D19b41951-2ebb-4c46-9ee0-37466dd20337%253A1689527233.0246456%26_%3D1689527233.1149983 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=19b41951-2ebb-4c46-9ee0-37466dd20337%3A1689527233.0246456&_=1689527233.1149983 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjcxOWI0MTk1MS0yZWJiLTRjNDYtOWVlMC0zNzQ2NmRkMjAzMzc6MTY4OTUyNzIzMy4wMjQ2NDU2EAAaDQjBx9ClBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELhzbYQMAdTkf2ib1MvVIRI&google_cver=1
Request Chain 264
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1703393660974163132
Request Chain 265
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3e286a4-3246-4601-bb57-003d324d1067&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 268
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7256464202877761691&gdpr=0&gdpr_consent=
Request Chain 269
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2407763652132818904&gdpr=0&gdpr_consent=
Request Chain 270
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=5945908886327755583&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 273
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4269914026473427936
Request Chain 274
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433828863579194
Request Chain 275
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 276
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=i3OarY90mv-QI8j4iHHV_dh1wauQJJv92yEjSU8X
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4av8uxe4TeK4mP5AW3uUpg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 280
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2557823176 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTFBQkZDQkItMTdCOC00REUyLUI4OTgtRkU0MDVCN0I5NEE2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENNcrjXqx5_tosHvYqkKtC8&google_cver=1
Request Chain 285
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6515876097282188256
Request Chain 300
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 306
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1703393660974163132
Request Chain 307
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=G_cDtRZH7KXJ5lahTsyJNhWl
Request Chain 309
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1614270571
Request Chain 310
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5107433828863579194
Request Chain 312
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=
Request Chain 314
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-8cc47e64-1532-3073-ae1b-917c140e6f54
Request Chain 317
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKnsR7mRHOeLMvuGxgnBv0&google_cver=1
Request Chain 320
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLQjv0Rt8zi6KxDvRkE53QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMVGNy7CkQgKBxdTvijVS0Y&google_cver=1
Request Chain 322
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3e286a4-3246-4601-bb57-003d324d1067&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 323
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=95af5e9b-164e-44d5-a36a-f4e292821a1c&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 324
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1689613632
Request Chain 329
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f3e286a4-3246-4601-bb57-003d324d1067&gdpr_consent=null&gdpr=0
Request Chain 331
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5945908886327755583&gdpr=0&gdpr_consent=
Request Chain 332
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1703393660974163132
Request Chain 333
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=lnPW65J01rmNI4S-lXGZu8V1je2NJNe7xiEaUJF_ HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 334
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28l2D_px-lTD5gfds4rUVVD4iFMpI3BVBDF5ddscQhI3AcNaGCSmRJwHM-dlOMPIc0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28l2D_px-lTD5gfds4rUVVD4iFMpI3BVBDF5ddscQhI3AcNaGCSmRJwHM-dlOMPIc0%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&obuid=ENC(l2D_px-lTD5gfds4rUVVD4iFMpI3BVBDF5ddscQhI3AcNaGCSmRJwHM-dlOMPIc0)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 335
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=7ccf147b-be40-42b0-afe1-05916dd5b74b
Request Chain 336
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-509fb14b-441d-5aff-7690-ac8d91ea7349$ip$193.32.248.222
Request Chain 338
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=f0a7105c-b31e-493c-9bbf-f52d940d3386
Request Chain 339
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 341
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=cx0gUpUFTRqfRChG1oDZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Y3YGBTVK4CVIZKFE4LGKJBWQRZRN5CFUJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Y3YGBTVK4CVIZKFE4LGKJBWQRZRN5CFUJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=cx0gUpUFTRqfRChG1oDZ&us_privacy=1---
Request Chain 342
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=af8ef094-3336-417b-b157-4a6cafeb9aa5
Request Chain 343
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=y4B8za6tVv1J&ev=1&pid=558355
Request Chain 344
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5945908886327755583
Request Chain 346
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZLQjvwABU1BsXQAb&gdpr=0&gdpr_consent=
Request Chain 350
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZLQjwMCo5tAAAO2JsdAAAAAA
Request Chain 353
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=PCx90RSeVwCBgeJM2NCs&pi=gumgum
Request Chain 354
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 356
  • https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99 HTTP 307
  • https://ads.servenobid.com/sync?pid=362&uid=GDPR
Request Chain 364
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1703393660974163132&gdpr=0&gdpr_consent=
Request Chain 365
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256464202877761691&gdpr=0&gdpr_consent=
Request Chain 367
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UJ-xS0QdWv92kKyNkepzScEg-N4&gdpr=0&gdpr_consent=
Request Chain 368
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbXprN0phRWdBQUNRZ1JDTEZUQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEF6U7JaEgAACSXVPokZg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEF6U7JaEgAACSXVPokZg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEF6U7JaEgAACSXVPokZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5945908886327755583&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEF6U7JaEgAACSXVPokZg&gdpr=0&gdpr_consent=
Request Chain 371
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 372
  • https://pixel.onaudience.com/?partner=214&mapped=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 375
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 377
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2346221417666266858&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 379
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 380
  • https://pixel.onaudience.com/?partner=214&mapped=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a71fe07cbb0448e9/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=985e072f1c5ca953 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cac2e330-0e9f-43b4-5f05-4c0964e44ca9&reqId=0438fea6-947c-483d-5e6c-e277c559344a&zcluid=985e072f1c5ca953&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGt4xYCfmAkuO4E2mAW0eX4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cac2e330-0e9f-43b4-5f05-4c0964e44ca9&reqId=0438fea6-947c-483d-5e6c-e277c559344a&zcluid=985e072f1c5ca953&zdid=1332
Request Chain 382
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1703393660974163132&gdpr=0&gdpr_consent=
Request Chain 385
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjCx9ClBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEDZFPmQj-xHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJGNlYzdlMmY3LWViMTgtNGU0MS04Y2FlLTE1ZGFiYmVmMWI2Zg** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=36453e64-23fb-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 386
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256464202877761691&gdpr=0&gdpr_consent=
Request Chain 389
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UJ-xS0QdWv92kKyNkepzScEg-N4&gdpr=0&gdpr_consent=
Request Chain 390
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2346221417666266858&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 391
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFRjZVN0phRWdBQUNTWFZQb2taZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEF6U7JaEgAACSXVPokZg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEF6U7JaEgAACSXVPokZg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEF6U7JaEgAACSXVPokZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5945908886327755583&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEF6U7JaEgAACSXVPokZg&gdpr=0&gdpr_consent=
Request Chain 395
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 401
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Request Chain 404
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1f618319-c345-456b-9a1b-b68ebbc8f48c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 406
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
Request Chain 408
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:317F0B4C0A6E4EBAAC10BB996C32E086&gdpr=0&gdpr_consent=
Request Chain 409
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3752493873
Request Chain 411
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1703393660974163132

412 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
w1.areturnersmagic.com/ 		185 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d44f0d97bb99c7080b40520988f695eba339fcf254a993b13a8261c4585a6b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e7bd6eb9b2a9b7a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 16 Jul 2023 17:07:06 GMT
last-modified
Sun, 16 Jul 2023 07:29:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zctcjH6LKSnvmBAVxXrrQuCyx%2FaWDQWDj2rhu9sxz%2BhLxglRS1ZzwgYPQRQrpfgvD1eyXPRf53%2FRKQzGBMc%2Fwq79ddr7muXXtebnGAWYwp3bSRmH0wF3g%2FdzRr6N0vnrc4O%2FV0%2BocctOR3dXRLmlUg7gJHbH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327298579154787
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
918076b5fd4a1641421a729fb24d72c3fdc17169b478a84f43556233f0ac58f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50448
x-xss-protection
0
server
cafe
etag
14841032561020165329
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 17:07:06 GMT
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-176d5"
vary
Accept-Encoding
x-hw
1689527226.dop131.am5.t,1689527226.cds017.am5.hn,1689527226.cds010.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33261
style.min.css
w1.areturnersmagic.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37598
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Oct 2021 04:56:40 GMT
server
cloudflare
etag
W/"615e7e08-13abe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGvKQsIKZ1S0rHBgOLU%2BqtezGpX8gY5q1j%2Fx6OceUuxXxyJCWX6Naudl6xbUjWZrDiHWbqteVJHQcjLHNITY2%2B15hvkEGeDhd20ArXpR4T5mEejP1McDSzjQVbKIUUbZ%2F68SM7j%2B0Xq0QFnAGDF40cSA4urd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7e7bd6ec8c419b7a-FRA
expires
Sun, 16 Jul 2023 18:40:37 GMT
frontend.css
w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/css/ 		29 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/css/frontend.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6146e850afd9ba2175c55d58300dd7412223a95c7987cdbad5eee5060a6b3adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37597
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 07 Oct 2021 04:57:10 GMT
server
cloudflare
etag
W/"615e7e26-7495"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLsVHH0Z5VaJ4sxd7eTMhFRLiTKMmver%2BP8teH%2FBzvrAyfxJcHV0vpWocD%2Fm9YZkYBXuaiUa1g4Js226rKZO3Lj9oVz53m5aCN4cME87W5UNwb0PwHU7kD9spPFTeLEZqqr0S0F9rj3tnY12ACwRAGYIJMwj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7e7bd6ec8c429b7a-FRA
expires
Sun, 16 Jul 2023 18:40:37 GMT
bootstrap.css
w1.areturnersmagic.com/wp-content/themes/Ifenzi/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/css/bootstrap.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8705
cf-polished
origSize=124948
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-1e814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qb4vsMPmP3mz3wJPJKNfZe2p%2BYqcLZY9CTTAspWQIlNw6bKhcc2bwyZl56UKOsfOxWmFnMsthonktIu43a980dfBQkAuzGf0ofTUI0jaWldJKVCCK4%2BFWl1CwaZX6fnVK%2FAu%2FwwUQIQuJwdn0OtGrc%2Bejk66"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7e7bd6ec8c449b7a-FRA
expires
Mon, 17 Jul 2023 02:42:09 GMT
style.css
w1.areturnersmagic.com/wp-content/themes/Ifenzi/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/style.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8705
cf-polished
origSize=24746
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-60aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzGqxkR1uqG76PicYcyXyb1RGsBdTCBV8P%2BUJTSCZUdpk0nZHjr9tL2kHUdvmXx9aGnusjMjq5F8zLIduSPzo%2Bakj0jWmObb8Hj12od1YshS8Y2%2BEbhKt2aBjjkEthktkfULAJoZCAwKYv5WZo1WGUzrzLg1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7e7bd6ec8c469b7a-FRA
expires
Mon, 17 Jul 2023 02:42:09 GMT
font-awesome.min.css
w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8705
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-5cbb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iiryBWoQaKpM7x9BGCQXQczlktTY5811JCSFyPyZD3BNHDAyEDgtOutyhy%2FkLMQrfNBGY1tJRIs5qqv%2FTiBngG2Dex%2F1eYzHKBaYF9RhLf6Aw5azaP0RQxuaI%2Fep8q3kG9shUpwv3wC4s%2Byk3lB%2Bjf%2BKUI5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7e7bd6ec8c479b7a-FRA
expires
Mon, 17 Jul 2023 02:42:09 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd82f6fc030a4b38eca7176b079619808ba33965e942cf6273c18dac1ddb39c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jul 2023 17:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 16:13:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jul 2023 17:07:06 GMT
easy-social-share-buttons.min.css
w1.areturnersmagic.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ 		113 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf0850e3e549015b2804a27c8deb6e6a19186e7d711d920457d1f6f640520621
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8705
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Jun 2022 12:39:24 GMT
server
cloudflare
etag
W/"62ac75fc-1c233"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5HnAx0Gahk2WEiiKXNpKE0Y83KytOuDL1dlFWC1My0OmUHocL9YmLboyA1WyJzpacx2r3kl7zlsHzGM%2F5rgv4LZJJ8SOgSBbElTFZ05NiFAH88vCS030PS6Q9bn%2BBaP8vQrTTCmDyiAxn1r05CJBxoCXQbO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7e7bd6ec8c489b7a-FRA
expires
Mon, 17 Jul 2023 02:42:09 GMT
jquery.min.js
w1.areturnersmagic.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8705
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Oct 2021 04:56:40 GMT
server
cloudflare
etag
W/"615e7e08-15db1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7bYUw75op%2BsdGFcXyUFgZ9ACxytO71v33EX5SnYyMLg51nt%2B2qe3ArEbM32Vlu5QWSzYdr1ukkjqVK1lTTWqR1LqLbfqPGploOB%2BML%2BU3%2B3KNLfMg9wSr4wcxG7qkAD49gkTRKQJuwUypEN9mGUkjJPyy20"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6ec8c4a9b7a-FRA
expires
Mon, 17 Jul 2023 02:42:09 GMT
dark-mode.js
w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/js/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/js/dark-mode.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8277612008fbd4b33ad1ad2f5d357517be701fee46e184bb283c5f42c5a02cb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8705
cf-polished
origSize=183317
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 07 Oct 2021 04:57:10 GMT
server
cloudflare
etag
W/"615e7e26-2cc15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3C1B1LjuOJ3irGfqu1uYERDoIQ0K4hY2CmXumbXj5DKZ023HW3S6%2FS0Qs7I1IwSB0v3lEwA%2FYMxmuygbwHVRFDip8XnwmRmzVegVz80T584mOvxTnk3psOn%2BDKO3mkM5Rnc9504HuhxuvRyIvkckSEdDHD6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6ec8c4b9b7a-FRA
expires
Mon, 17 Jul 2023 02:42:09 GMT
agent.js
cdn.purpleads.io/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba7fd83d0359f27975395f10fc08725fec3990cedf1a56a670e92437c2d0bff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:11:47 GMT
content-encoding
gzip
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jul 2023 13:21:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
64519
x-amz-server-side-encryption
AES256
etag
"b39cf26a3117a603c41cc8048c21cbb2"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
22068
x-amz-cf-id
cY6HTTjD0dgqTeq9FKLH2pMbU1itH80bS8q2PldGx6F6zPT5Zeh8WQ==
load.js
cdn.purpleads.io/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bd1a36997b98708282a92fe575ae9ccfcd6cf2e01f49e3f1788d3b60093b522

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:22:07 GMT
content-encoding
gzip
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jul 2023 13:20:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
13500
etag
"1dc2103244eed2eaf9b3bb33749cca79"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
11753
x-amz-cf-id
gqrUYTIaJNLkd8hBDkCWlbXk3194Tbk7x0zp_u-n5hepy5126V4SRg==
image-1.jpg
w1.areturnersmagic.com/wp-content/uploads/2022/08/
Redirect Chain
  • https://areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg
  • https://w1.areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg
32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w1.areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03550257f08a2c2d490bec7fd42d6758f27803b123b4297e2bf75eb4d75c8af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1324877
alt-svc
h3=":443"; ma=86400
content-length
32490
last-modified
Fri, 05 Aug 2022 22:38:34 GMT
server
cloudflare
etag
"62ed9bea-7eea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Irx8cHNgSbYEz7ddE64uH3uBwZ7tf0RP0iTgbuCuhamAwimGalm5%2BatwZyyfwGe%2B7RtI6nJF1wKp1b6UWNGEy8acfuVwsURBjTZBWHxeiRp8X0lWp03az8iiYWGRGI6tpylCdm0LaEn9p4e1TZvklNUjUDtw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e7bd6ee5afb1e51-FRA
expires
Mon, 31 Jul 2023 09:05:57 GMT

Redirect headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8O8nbcHnqmr3yK6Ru9xhpKsYuiDLwSu3wh8SStCqIeTu2sfE%2F7YnG1nVBWghCuy1amy2PH9tVT%2B52d1BNkgPSr0GUCUL3c2NqmkVPWf%2ByWcjZzSuvXq7Tfy19U3jCW2IeJFP2okAXbyIhIJLIdRFNgt"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
http://w1.areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg
cache-control
max-age=14400
cf-ray
7e7bd6ededfb9b7a-FRA
alt-svc
h3=":443"; ma=86400
icons.css
w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 		37 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96eed42e394f5b00f1e02a12d1ce9557aae7cd751e4a9ae2b3e8fc392b1db945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34370
cf-polished
origSize=37491
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 15:15:06 GMT
server
cloudflare
etag
W/"64a588fa-9273"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BEnYKdjJtQxTtXSp0hEwl7Arbg8mc2XoQn%2F%2Fm0atxavRxwPo%2FBfFQa0YfOdpzDvB%2BYOiKwLenNvOAGNaOXp3nxW%2B6DCVV1JyYns0f1kK1aSd6iGD1xyyvugoCdPYLwrrRKKhnLmfOUv9B6du7YhKHmaKedn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7e7bd6edb9d51e51-FRA
expires
Sun, 16 Jul 2023 19:34:25 GMT
shortcodes.css
w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 		44 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1690266a4def354da2feda545468781eefe065dab28c28e115ef23160308206b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34386
cf-polished
origSize=45539
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 15:15:06 GMT
server
cloudflare
etag
W/"64a588fa-b1e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Gdm4t%2BtwRf4Bw3yH0MGGwIvvPNMKBMe08i%2FFcYOYva2%2BmAk6vQ5%2BDzXcax2Rf9VFgRymPJqSOc72OLmkni%2Fbs1louWovdGLuX3niZwQ7nsqUVlJ80q0m05nDhm9WOpGbIfnOsogoFfnAzz%2BPyApP8OaeGeP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7e7bd6edd9f11e51-FRA
expires
Sun, 16 Jul 2023 19:34:09 GMT
underscore.min.js
w1.areturnersmagic.com/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-includes/js/underscore.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34386
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Oct 2021 04:56:40 GMT
server
cloudflare
etag
W/"615e7e08-4a84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oASJ0Vq4Y0JFnHMKrSHT5Fc6B%2FHj0PaSCs%2BJp%2F2dlx%2F6TmmiPTVxNUd4C0BjXnotf7eqgRUN9RIPRgpmtta%2BKC3AWJXE7HuZKN5WOgQf%2FUnEcmG%2FN8K9RWjyUg1Um0Iro2TAsvQZCZiXpsOm4hSuIC%2FZ4%2BlV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6edd9f41e51-FRA
expires
Sun, 16 Jul 2023 19:34:09 GMT
wp-util.min.js
w1.areturnersmagic.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-includes/js/wp-util.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34386
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Oct 2021 04:56:40 GMT
server
cloudflare
etag
W/"615e7e08-53c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dt%2Foy2jG%2FUUnt8dMWfQbJNzMxNpTXhPe4WCgxWg7FXkoPzZYhXl9uDmngsGxT3yvyXmDPmM2x7eMVRPD1qSRtkEtV6tfMHYEvS4NY0neOe5Zv1MpDrWCv%2FrTBa4kfi5GWqapP5d7wb81bNkY4yXJY0b3iRea"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6edd9f51e51-FRA
expires
Sun, 16 Jul 2023 19:34:09 GMT
frontend.min.js
w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/js/frontend.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dd3a1326f714eee263d0cf46a7d3e04da82774573de40c6a2ff9094654e7dbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34386
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Oct 2021 04:57:10 GMT
server
cloudflare
etag
W/"615e7e26-158d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTBNZIS9ZJzXBzefJz%2F9Nk0y8AhNoWWcEG15c8Lb0dEwwUDpsekTQg71dZbzPWdEF%2F8GN7%2BEbnArrYzWltWa%2FDKJlZSgO7wIIAbZPVETvhYnNCDM1dAez3UUldrJWA9ccBmmxY9w6nP3JmaG74A7qQuDFqE%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6edd9f71e51-FRA
expires
Sun, 16 Jul 2023 19:34:09 GMT
bootstrap.js
w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/bootstrap.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34386
cf-polished
origSize=36790
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-8fb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOVmYNkw3JJSb28TV1gNC8KIo%2BqbyKWYi5a%2FFLMGJ8crjG%2BY%2Bf9QB3diZlV%2BcmLPA2jEDrLL14qm%2FHBjlAhIUaXuTSMIVFyfT73ziAf7CargTiJs8ppyo%2FUXrmx16uGGCrYMt6I9mfBH9B9xL4l4y2QP%2F6fl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6edd9f81e51-FRA
expires
Sun, 16 Jul 2023 19:34:09 GMT
skip-link-focus-fix.js
w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/ 		588 B
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/skip-link-focus-fix.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34386
cf-polished
origSize=751
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-2ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yhHEP97HI0l9F6W0VCgBSdraAwC0Wto7p%2FwUSOwVVDQk1p9W%2BOD5Wa%2FiB9dJKz2bmv7F8NcAkkObG%2BYS%2B%2FAHE2jm8hP6Z0OO%2B53hq%2FrIjhHebbWe%2FxBEWme5wwSxkXyoBQzwFWVbXZsdPRcPFNgLanfFmKZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6edd9fc1e51-FRA
expires
Sun, 16 Jul 2023 19:34:09 GMT
lighthouse.js
w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/ 		1010 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/lighthouse.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34386
cf-polished
origSize=1100
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-44c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGCKK6q62I2oyYbuxIn2ewF18zSGIZGgd45rZCpuLUOkvyDpN0mg7CbC2g548DaUjeiIJ681nB5ydfWlOHYP%2BXPKlo9IGINtUul5FO8m9S8H8rowSa8IXuEQLI5AZL4nOwyL6%2BxZiaLUaRXqO2d8CTrCja26"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6edd9fd1e51-FRA
expires
Sun, 16 Jul 2023 19:34:09 GMT
wp-embed.min.js
w1.areturnersmagic.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-includes/js/wp-embed.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 17 May 2023 03:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64644698-5c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uo5w2FjLzQEPuyYHx%2BXSZ9UbewzwfpKWr45wlBamQZA1ZtIyR2xcr6X6X3UoZTOvfnJhRITG1Sx0l8V0nO20%2B2d7aBjWe2U74FGXOsnSX71eN4VINtv4CFcXuNiP8sUg2otceBJZOYv7mdF3f53HJ6kG6Ot2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6edd9fe1e51-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 17 Jul 2023 05:07:15 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a799158fe74ae3e802bb4708fa9b5888b3553ca8296ae1f4a23799a006d1ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1504
etag
W/"841a8834d1e8a6a8a6de9933a13d2b34"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7e7bd6ee49ba2c63-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jul 2023 17:07:06 GMT
index.js
w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c661376fd6275029eba6e35e45ab10a8f70b857fb53dcf442781ab3937231b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34386
cf-polished
origSize=15777
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 15:15:07 GMT
server
cloudflare
etag
W/"64a588fb-3da1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRSGWGx%2BB7KhYccnVIiz2%2FExAOv11OOjhz0xUhaRlIfVpoZ1aTvMHspv1hAwg%2BtP8hAWHAIWM5Nmp52EuH2LdAYLdVldJSpThuQlzQnBqg7O4EB8H6obDweX4Vo1FyY6KHlkgGiSGt8hcp05HkWxFyJ%2FhLHA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6edda001e51-FRA
expires
Sun, 16 Jul 2023 19:34:09 GMT
2566c291e59e185c12a331fef1e235f3.js
w1.areturnersmagic.com/wp-content/easysocialsharebuttons-assets/compiled/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/easysocialsharebuttons-assets/compiled/2566c291e59e185c12a331fef1e235f3.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c270e44131dcc18463007a913d8c5db258f201ff507526066f84735df004865e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34386
cf-polished
origSize=37438
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 02 Jul 2023 03:26:18 GMT
server
cloudflare
etag
W/"64a0ee5a-923e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9T7USfZKVR5WUYP%2B7tcAV76h7AvMavMK%2B0MDQW0Gq2uWcVFn1HbRTL%2BHlVZ%2BaWxnvD0g1drM5OFjesLRBhSNxs0W3rhZmj%2FINso8DBjOZHYNyupSmMeiSeIhq8SGOdNCm2qepvCG9fTL%2BXbWAcYLM7aI3xL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6edda011e51-FRA
expires
Sun, 16 Jul 2023 19:34:09 GMT
lazyload.min.js
w1.areturnersmagic.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34386
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 07:52:28 GMT
server
cloudflare
etag
W/"615d55bc-1ed2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVgmCfqEoJGfYtdFkCeJsm6M0XsQNFnhgAG7JD0wXC0JIobO0ZWyNF%2FjLOeUICqV%2Bg%2FDQVb1etEX30%2F5lZGeURvFHxKGAHKqs81os8G6WS2ll62RYl7WXvIZNDYbRqsc8vJHFxbi5LvduHOoNjajNoSsvqKw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e7bd6edda021e51-FRA
expires
Sun, 16 Jul 2023 19:34:09 GMT
f
api.purpleads.io/x/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=8de1378c36a049c4b9a45e1d8c508c2d&ts=1689527226520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:06 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 17:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
149
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 16 Jul 2023 19:04:37 GMT
f
api.purpleads.io/x/v2/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=8de1378c36a049c4b9a45e1d8c508c2d&ts=1689527226520
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash
85fc7b3ab4fb0eb43390a90fc540ce793cf4611909cc20cd85c6cf377bbb1861

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
2.0.3

Response headers

date
Sun, 16 Jul 2023 17:07:07 GMT
content-encoding
br
pa-user-id
8d6b8d66-1ff0-41a6-903d-33b4bf299c9e
etag
W/"59a-YOgIEvsGE7thML5aI/Pvm64qSlI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
TxMSyw
vengeful-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/ 		0
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vengeful-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/TxMSyw
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::1a , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:06 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
invoke.js
warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sun, 16 Jul 2023 17:07:07 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
init
api.purpleads.io/x/ 		88 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1689527226581
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash
3b8c82e1a32337e150164886ef2dd2761fc41c86ee4f6f98b6b3bc408623fc81

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.7

Response headers

date
Sun, 16 Jul 2023 17:07:07 GMT
etag
W/"58-xHfpdyWesQspKgt99FMxHrYL2p8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
content-length
88
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1689527226581
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:06 GMT
Nouveau-projet.jpg
w1.areturnersmagic.com/wp-content/uploads/2022/08/
Redirect Chain
  • https://areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg
  • https://w1.areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg
55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w1.areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0359faff623bdf7d6cc2335c648947e2f808b6093c1a5b0780971ef4c67516d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215797
alt-svc
h3=":443"; ma=86400
content-length
56106
last-modified
Sat, 06 Aug 2022 13:31:48 GMT
server
cloudflare
etag
"62ee6d44-db2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5m5Gy7%2B0Piyspxhwy9Hu0Qr0eTA5Ptj6Q3t3ZgEcpAqUc4KO7byEW%2F07L3tsHNz99l2QexJ4oPs%2F4c49xBm9LIom1OA3O8LVnKRdhfhFF3CXgKn%2FRWQtOnpc2c2kUFKXTAAhn2rqd8fb8txqkZ6yJVsQ4LOz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e7bd6eedb8b1e51-FRA
expires
Sun, 13 Aug 2023 05:10:38 GMT

Redirect headers

date
Sun, 16 Jul 2023 17:07:06 GMT
strict-transport-security
max-age=31536000
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FCK1HaTD6ZKjtuCnmiZyUtin%2FSkAXCfv9aev7d3bl92rwN2kjEGHnnmpXxYUESLj5%2BZ%2By6Q1uzQnukD2Pquo9HFyJ24wapoowVIs4bDiMlGMK9x6xQtXphX7Ui5kKVzam0niVaFQk74IJ0Vdr49SMdm"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
http://w1.areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg
cache-control
max-age=14400
cf-ray
7e7bd6ee3e689b7a-FRA
alt-svc
h3=":443"; ma=86400
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:31:10 GMT
x-content-type-options
nosniff
age
99356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 13:31:10 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 15:41:45 GMT
x-content-type-options
nosniff
age
91521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 15:41:45 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 18:52:01 GMT
x-content-type-options
nosniff
age
512105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jul 2024 18:52:01 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/ 		357 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327298579154787
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8c130aadb13dcf289d7319edc5169863f166ab4cd4b233a2a9b21fbc2af77c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125718
x-xss-protection
0
server
cafe
etag
4445744874397669071
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 17:07:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame 5E18 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327298579154787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
81155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:34:31 GMT
etag
12368291122986407432
expires
Sat, 29 Jul 2023 18:34:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		15 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1098086231&t=pageview&_s=1&dl=https%3A%2F%2Fw1.areturnersmagic.com%2F&ul=en-us&de=UTF-8&dt=Read%20A%20Returners%20Magic%20Should%20Be%20Special%20Manga%20-%20%5BEnglish%20Version%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1201397731&gjid=1200001922&cid=303911924.1689527227&tid=UA-162169209-13&_gid=2029745786.1689527227&_r=1&_slc=1&z=1227043835
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3bfa49ee4e1a2fba0b7d35cddf9560f1be07546565cebb86d47d1fcc6ee2cc69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0YRP7Y1G4K&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84aee1389bed8015a16786afc6291a15b479b7a28189832c06dbb0db35a5424f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77841
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jul 2023 17:07:06 GMT
cookie.js
partner.googleadservices.com/gampad/ 		405 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=w1.areturnersmagic.com&callback=_gfp_s_&client=ca-pub-3327298579154787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb612bc521384c335593b6cbd763b0847f6d5044d3e68d1e755a036062da1b29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=w1.areturnersmagic.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20lh-nav-bg-transform%20navbar-default%20navbar-fixed-top%20navbar-left&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 95E1 		272 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3327298579154787&output=html&adk=1812271804&adf=3025194257&lmt=1689492589&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fw1.areturnersmagic.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689527226654&bpp=4&bdt=361&idt=393&shv=r20230711&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2023942858174&frm=20&pv=2&ga_vid=303911924.1689527227&ga_sid=1689527227&ga_hid=1098086231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C42532278%2C42532280%2C44759842%2C31075849%2C31075881%2C31076130%2C44788442%2C44796477&oid=2&pvsid=1297263027343578&tmod=16652058&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=415
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd0b0fd48436d04e7ee4fbaec9c33081c5d900d7cdbde0ca20b6ea864df73a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
59188
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 17:07:07 GMT
expires
Sun, 16 Jul 2023 17:07:07 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0YRP7Y1G4K&gtm=45je37c0&_p=1098086231&ul=en-us&sr=1600x1200&cid=303911924.1689527227&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&ngs=1&_s=1&dl=https%3A%2F%2Fw1.areturnersmagic.com%2F&dt=Read%20A%20Returners%20Magic%20Should%20Be%20Special%20Manga%20-%20%5BEnglish%20Version%5D&sid=1689527227&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YRP7Y1G4K&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
agent.js
cdn.prplads.com/ 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba7fd83d0359f27975395f10fc08725fec3990cedf1a56a670e92437c2d0bff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6QT25YRYPBJ7QWB5
age
5236
x-amz-id-2
33tbQWY8S9aMQj+I3IcGtsGpDZ3bhaBRUnXZ4+uyRA8+kSsJ04T6ibacTkErlV+EVvJraLMgh0w=
cf-bgj
minify
last-modified
Fri, 07 Jul 2023 13:21:56 GMT
server
cloudflare
etag
W/"b39cf26a3117a603c41cc8048c21cbb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tya%2BbjBDXJ5iPREdTEHb67cHw6pP8As8W%2F4eIlMi0dL5g9RoUZxLXhj%2BvsVs2v4B2sEONffDDSEt4oW1xsoD2kTZgRxs3Mm1H%2B10BW7J0VMhWqw2Fi%2BwXuiMOsYbZKuzr0gP4iY%2BtfTR6W3ZCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7e7bd6f34a724d31-FRA
/
api.purpleads.io/x/v2/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=0&pid=8de1378c36a049c4b9a45e1d8c508c2d&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=882a2031-a7b3-4829-bda7-ae5968d820e2&ts=1689527227392
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash
5ceb36a4c422793ab2fe65ed2400ec0d5caff21d4c3a7657d7533a650cacf3fe

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.7

Response headers

date
Sun, 16 Jul 2023 17:07:07 GMT
content-encoding
br
pa-user-id
655d0be2-c726-4415-912c-e0f9af5cf821
etag
W/"d57-pGoMvb9QhqoHiE/HCoUlaCUSPyo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=0&pid=8de1378c36a049c4b9a45e1d8c508c2d&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=882a2031-a7b3-4829-bda7-ae5968d820e2&ts=1689527227392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:07 GMT
prebid-2023-07-11.js
cdn.prplads.com/ Frame 2FB0 		302 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-2023-07-11.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8fb895962712e34e648aeba89eb9c8651ae83a67bba8c6a753a036311615be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AZAZJ5HB7N7KEDM5
age
459117
cf-polished
origSize=309911
x-amz-id-2
JhQchBEfD66HAbd5LFDRUwceF4h/vB/q8ZcDEv2ag+xyvZld+8jXDee3TU8EtoUAzUdqGZilQ88=
cf-bgj
minify
last-modified
Tue, 11 Jul 2023 08:48:49 GMT
server
cloudflare
etag
W/"5ebcd954e9429fcb6ba235104d6a1bbc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdZYfwDK4SJv1SJJEVXwdHarMWuy%2FU6ObnmEMVYJ4vDL8q%2FWJSV%2BdGTsurwhRq3XE5xwK%2BUAZfXg6d1BR3FNLNx%2F%2BdazVbobBRJZa%2FvEGLPeafzkDJcaYqJyRF8nWNZRTuFzDnu9Vo%2BgqKKyMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
7e7bd6f51c4a4d31-FRA
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 2FB0 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230716
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df9f8bce75c6828a73a7b075d3eb5832e1f5027439ea0bee1a02c5974f96177d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jul 2023 17:07:07 GMT
x-content-type-options
nosniff
content-encoding
br
age
3980
x-jsd-version
1.0.1753
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
947
x-served-by
cache-fra-eddf8230041-FRA
x-jsd-version-type
version
etag
W/"63f-SVU7uIku+ztki4OpWmQrR04FGGE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ Frame 2FB0 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:07 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 06 Jun 2023 12:52:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
515464
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRJULY1YY18W2Cp8iN0bkuKP6C4BbGIzh%2FXOijFsa%2FemANvtOdpLRWWNyTAMWHY23vp%2FmEL3lIaFX5RgB3iIW8qTAPPzI%2FjlFwdg4r%2FrUxPcS9i%2FARZsoNbFnoWYTWa6I%2BKazU%2BASrV%2BaLwZ"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7e7bd6f64a06bbcb-FRA
c
prebid.a-mo.net/a/ Frame 2FB0 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
a178e68d6d61e81cfc027a8d76d89cd6b517becd4a48af24bbb99acbb4e3ddc4

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
170
content-length
8964
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame 2FB0 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Access-Control-Allow-Credentials
true
2345174
bs.yandex.ru/metadsp/ Frame 2FB0 		0
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/metadsp/2345174?imp-id=1&target-ref=w1.areturnersmagic.com&ssp-id=10500
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:08 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 16 Jul 2023 17:07:08 GMT
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://w1.areturnersmagic.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
uniformat-product-type
None
x-xss-protection
1; mode=block
expires
Sun, 16 Jul 2023 17:07:08 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 2FB0 		178 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageReferrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&CanonicalUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
3ad6607d341d110ad06dc2c4cdbf24d30ba15d46ce2f9f811e2e743f32aed3d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:07 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
178
expires
0
adreq
ads.servenobid.com/ Frame 2FB0 		537 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=4855
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fcfa354ded10aa44e8368f6fdf0866e40daf51adefc8746e29bf6e09b73d7970

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 17:07:07 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
pbjs
prebid.admanmedia.com/ Frame 2FB0 		2 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.admanmedia.com/pbjs
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.109.168 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Date
Sun, 16 Jul 2023 17:07:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
mp.4dex.io/ Frame 2FB0 		60 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 16 Jul 2023 17:07:07 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7e7bd6f668052bf3-FRA
expires
0
fontawesome-webfont.woff2
w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"615d55c2-ddcc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1yRVbB%2FLgQYkmRAoogtSoYoQOjFAii24sPhrreXmWnCfFJx%2BnnsvlJau3rByyQevLU58e6FE36RW8PP8rqJ9b5l%2BkCfyC%2B3bD%2BY5%2B5ORH6o1Brh23lfwdp1OXYZ8RqHHrENc2%2F9Wp%2B5z9efiBBsIkRXLwkF"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e7bd6f71f521e51-FRA
alt-svc
h3=":443"; ma=86400
content-length
56780
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 18:58:33 GMT
x-content-type-options
nosniff
age
511715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14160
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jul 2024 18:58:33 GMT
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=1&pid=8de1378c36a049c4b9a45e1d8c508c2d&sizes=[[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=5d4bd62e-587c-4c95-9b7d-4894db08c799&ts=1689527228085
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:08 GMT
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=2&pid=8de1378c36a049c4b9a45e1d8c508c2d&sizes=[[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[300,100]]&slotid=3b3d6ca3-a46e-46bb-9745-c52d72ea5ab3&ts=1689527228085
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:08 GMT
forkawesome-webfont.woff2
w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/ 		107 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Wed, 05 Jul 2023 15:15:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64a588fb-1ad5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7GDQ7GS%2BP9n5szA5SL89jEQg9x7auT1byQZL7pH3X6EbchwrGWwLXHL7nLK8gJU0qo4gdR38trwcDCdnJbRpLgHPvQdUr1gbSGzhaJdqeht%2BxL3gJzxL7Ik1VGW1bQyMIux0JOmQnVOykstW%2BSUgJrGguKI"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e7bd6f78ffd1e51-FRA
alt-svc
h3=":443"; ma=86400
content-length
109916
/
api.purpleads.io/x/v2/b/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=1&pid=8de1378c36a049c4b9a45e1d8c508c2d&sizes=[[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=5d4bd62e-587c-4c95-9b7d-4894db08c799&ts=1689527228085
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash
4308c2556e36584130e9e9736cde21520adc46d3ef85a698a05f1349def7883b

Request headers

accept-language
de-DE,de;q=0.9
x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
pa-user-id
655d0be2-c726-4415-912c-e0f9af5cf821
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.7

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
br
etag
W/"ee7-Y88DdIeB3tVw2PrC4fxgp/cbePY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
/
api.purpleads.io/x/v2/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=2&pid=8de1378c36a049c4b9a45e1d8c508c2d&sizes=[[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[300,100]]&slotid=3b3d6ca3-a46e-46bb-9745-c52d72ea5ab3&ts=1689527228085
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash
71dfc9c86dd242f1fee1d59e79221b374901bee0c60151d5a3ac1f10340a004c

Request headers

accept-language
de-DE,de;q=0.9
x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
pa-user-id
655d0be2-c726-4415-912c-e0f9af5cf821
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.7

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
br
etag
W/"d94-hCDMy1ZjOJDuA25Onb45tVHnSAg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/reactive_library_fy2021.js?bust=31076130
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d17de63711829a3c39b6ec6b7dea5543d1f3a54fca9becc87948f717830fdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53468
x-xss-protection
0
server
cafe
etag
14799314360734870342
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 17:07:08 GMT
adagio.js
script.4dex.io/ Frame 2FB0 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:08 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9a%2B9B7RmVNrSJX%2F7JvtUC4CF6O3PyZDiv1KJXSphHDi8t6qU%2FASVI%2F%2FFaSwFtQwZoHqiw4Z9uhVagCvc7hig8Cmwfc3YWCLe9%2FFWzg%2Bm8nK8LB4%2Bs0dW5fS1wrB7eGAh2LKqXRm%2FPb0S7dQV"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7e7bd6f87ff49b83-FRA
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0eda55ec47640c00aa84096fabdb63c66f5e456f7b141e1ba1d153c2b6ebceb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
799
etag
W/"22f7e3545bf8cba3cac43d34db3357ed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7e7bd6f81e412c63-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jul 2023 17:07:08 GMT
c.js
assets.a-mo.net/js/ Frame 57D1 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/c.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8698e31ac7ee2d78cfa9afce9dcbff75786269fe157c2bb4cc6affe1bc0a72fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
FRA6-C1
age
310
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 06 Jul 2023 20:39:59 GMT
server
cloudflare
etag
W/"4b98b622267dfddddc57fca3dae738c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7e7bd6f9abe14d95-FRA
x-amz-cf-id
FrxMFYkA8R7QNghyYadvIE-XIIyn3wcfOdtXY-pLlr9gVYamrlSaSQ==
expires
Sun, 16 Jul 2023 18:07:08 GMT
winner
api.purpleads.io/x/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1689527228330
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
pa-user-id
655d0be2-c726-4415-912c-e0f9af5cf821
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.7

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Sun, 16 Jul 2023 17:07:08 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
winner
api.purpleads.io/x/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1689527228330
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
POST
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:08 GMT
i
api.purpleads.io/x/a/9c9035e5c26824addccb2bb79a73eba7:04948e1fca82116ef0481ce9b4e6935189905b76a40e2ae286ba0e498ba8545412f06f4d46571c27df67e823e3972e011b2b407cb391aa4fa0638be89c57f4f83bd7067f81a5126... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/9c9035e5c26824addccb2bb79a73eba7:04948e1fca82116ef0481ce9b4e6935189905b76a40e2ae286ba0e498ba8545412f06f4d46571c27df67e823e3972e011b2b407cb391aa4fa0638be89c57f4f83bd7067f81a51268c45abecc10c9274e11b7cdbcf95769068e12d1004d9e1dcfe71d6fa50d3d59bc13daee125858efe28726e84b90f2aaedd1d49ca6f7c089471ed995253fbb3801269df879c2ec52ec/i?id=b06337d1-e77d-4f1c-99aa-0678f1ff3fec&ts=1689527228330
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:08 GMT
i
api.purpleads.io/x/a/9c9035e5c26824addccb2bb79a73eba7:04948e1fca82116ef0481ce9b4e6935189905b76a40e2ae286ba0e498ba8545412f06f4d46571c27df67e823e3972e011b2b407cb391aa4fa0638be89c57f4f83bd7067f81a5126... 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/9c9035e5c26824addccb2bb79a73eba7:04948e1fca82116ef0481ce9b4e6935189905b76a40e2ae286ba0e498ba8545412f06f4d46571c27df67e823e3972e011b2b407cb391aa4fa0638be89c57f4f83bd7067f81a51268c45abecc10c9274e11b7cdbcf95769068e12d1004d9e1dcfe71d6fa50d3d59bc13daee125858efe28726e84b90f2aaedd1d49ca6f7c089471ed995253fbb3801269df879c2ec52ec/i?id=b06337d1-e77d-4f1c-99aa-0678f1ff3fec&ts=1689527228330
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
pa-user-id
655d0be2-c726-4415-912c-e0f9af5cf821
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.7

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Sun, 16 Jul 2023 17:07:08 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
g_pbwin
1x1.a-mo.net/hbx/ Frame 2FB0 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbwin?A=amx&w=728&h=90&bid=20d185930c5ce64&C=0&np=0.0030707355&a=gpt-passback&ts=1689527228326&eid=2111d5c7615c0bd
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.161.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-161-48.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
web
onesignal.com/api/v1/sync/df52f654-7186-474f-8e62-6cce1246df86/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/df52f654-7186-474f-8e62-6cce1246df86/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebcfdadafcaffe422f7b24b84121833a05358004082ad16625cfc12d7866548
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
56494589-b6db-42b8-94d2-bd919dac58f9
x-runtime
0.039814
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"cebcfdadafcaffe422f7b24b84121833"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7e7bd6f9782c2c63-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 16 Jul 2023 18:07:08 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=w1.areturnersmagic.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 22C8 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7538
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 15:01:30 GMT
etag
12368291122986407432
expires
Sun, 30 Jul 2023 15:01:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 8E7E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7538
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 15:01:30 GMT
etag
12368291122986407432
expires
Sun, 30 Jul 2023 15:01:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 6538 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7538
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 15:01:30 GMT
etag
12368291122986407432
expires
Sun, 30 Jul 2023 15:01:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
prebid-2023-07-11.js
cdn.prplads.com/ Frame BF8D 		302 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-2023-07-11.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8fb895962712e34e648aeba89eb9c8651ae83a67bba8c6a753a036311615be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AZAZJ5HB7N7KEDM5
age
459118
cf-polished
origSize=309911
x-amz-id-2
JhQchBEfD66HAbd5LFDRUwceF4h/vB/q8ZcDEv2ag+xyvZld+8jXDee3TU8EtoUAzUdqGZilQ88=
cf-bgj
minify
last-modified
Tue, 11 Jul 2023 08:48:49 GMT
server
cloudflare
etag
W/"5ebcd954e9429fcb6ba235104d6a1bbc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrTNwKrv4pLFjrPUT3Vo3gSqiJBhXWjckTOoE005ukWLGB0cKwd6P%2FPE061QBHWm88zDxroI8q92Ts61qGv6u8OcKRDrLRYmW7R4DqzlMm2adtoch7DlibPTvda4aC9v6ZI0CZT%2B4TBg3ioCJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
7e7bd6f9ea314d31-FRA
prebid-2023-07-11.js
cdn.prplads.com/ Frame BF57 		302 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-2023-07-11.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8fb895962712e34e648aeba89eb9c8651ae83a67bba8c6a753a036311615be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AZAZJ5HB7N7KEDM5
age
459118
cf-polished
origSize=309911
x-amz-id-2
JhQchBEfD66HAbd5LFDRUwceF4h/vB/q8ZcDEv2ag+xyvZld+8jXDee3TU8EtoUAzUdqGZilQ88=
cf-bgj
minify
last-modified
Tue, 11 Jul 2023 08:48:49 GMT
server
cloudflare
etag
W/"5ebcd954e9429fcb6ba235104d6a1bbc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Wfuj7MQWWX3fOEQAVjaO9NXaodwZsAqN8L5aJjo5lQMDnNHWCpXNF8QKQqRjM4q5TBwYi4xWFTxlP30o9HRRQXZHeR9RuKSxkI4b6%2FYwtfjphzxIxUuqtIzby9YqDOwfEBnnllc%2BJKWbIuodA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
7e7bd6fa1a844d31-FRA
css2
fonts.googleapis.com/ Frame 22C8 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 15:11:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jul 2023 17:07:08 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 22C8 		205 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 09:18:57 GMT
x-content-type-options
nosniff
age
200891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 17:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 13 Jul 2024 09:18:57 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 22C8 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 12:13:24 GMT
x-content-type-options
nosniff
age
104024
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 17:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 14 Jul 2024 12:13:24 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 22C8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 20:59:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
72454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6331
x-xss-protection
0
server
cafe
etag
18044331813203521086
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:59:34 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 22C8 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 14:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
10466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8599
x-xss-protection
0
server
cafe
etag
12796843930313450165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Jul 2023 14:12:42 GMT
css
fonts.googleapis.com/ Frame 8ACA 		761 B
456 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 15:31:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jul 2023 17:07:08 GMT
eyJpdSI6ImIzNzFhOTA4Njc1Y2JkM2ViNjAzM2QzMmM5NDFlN2E5NWMyMDlhMDk4MzBmYWIxMTQyZjdhN2VlYjNlNWZkMDgiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 8ACA 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIzNzFhOTA4Njc1Y2JkM2ViNjAzM2QzMmM5NDFlN2E5NWMyMDlhMDk4MzBmYWIxMTQyZjdhN2VlYjNlNWZkMDgiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76b510fba4ae1cd55f5986483e4fa377623d818b10f6363bb9f0ed483cfc2098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
last-modified
Mon, 12 Jun 2023 08:02:32 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=259832
access-control-allow-credentials
false
x-traceid
0fd29339345bd38e02f68f375f5e0a2e
timing-allow-origin
*, *
content-length
13712
i
api.purpleads.io/x/a/d6dd9a7a37b1dbfff57010a85cad5cc5:fd6c4d2af639cb0c3e55c6ecd3ea92c13cc30e315f2cf16cb2678d60048dc4fa76099565888d5a6f6bc2a12a8b25d4504b95b0fce2be12d99a73c95de1279b0484a08a6f1a92b5f... Frame 8ACA 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/d6dd9a7a37b1dbfff57010a85cad5cc5:fd6c4d2af639cb0c3e55c6ecd3ea92c13cc30e315f2cf16cb2678d60048dc4fa76099565888d5a6f6bc2a12a8b25d4504b95b0fce2be12d99a73c95de1279b0484a08a6f1a92b5f3209d00cf1c8861dce70966083a2934b58bffff4144a39db0/i?id=7a3568bc-ca6c-42fc-8e51-d9c43c21c7c6
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Sun, 16 Jul 2023 17:07:08 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 8ACA 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=1b2136af9b6cbd029e384d405c16c35a&pvId=1b2136af9b6cbd029e384d405c16c35a&sid=9809542&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.95 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:09 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
0f35900a9619b2b6322a96911c7b5407
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame 8ACA 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=1b2136af9b6cbd029e384d405c16c35a&position=0
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.95 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:09 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
e88ec1fc85f574fdc1da8eed829541d8
Content-Length
4
Expires
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4D51 		165 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5d1db849191260344cb54219263c7cded1ace0c999c3a347ef0089a169126ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 17:07:08 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mBUAII0c5_rJ_wvNvO1m0IbiHQCIGB6AbQT1CHEiNeESV1lN9_3Uanpt6vZtprK_bFmEHxzUi3Q3NZ7qzHR3R9lQHDucFYTtvL9Xaz9fqK9C9h-9QYTJXIG5xWRoG343srRBo5p23jDRY4qbngOmKJnxMXYZ2i7luXQLhAokUuzOk_2CPQWyRO-Dzz798_sKH_57kJo69cmBqFLgmqyVMjiMy3bCMVffAHtozwVX6yIQ4IA9kUvZinaOnMS-CSjClhS0HA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
84414828
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8E7E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 16:03:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
3839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Jul 2023 16:03:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8E7E 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 12:03:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
18244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Jul 2023 12:03:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8E7E 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 17:07:08 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 57D1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1cbee518f6314d565c81f72af6f09dbc74cc770fce1a02a90b52c2c2dd480985

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
br
last-modified
Tue, 11 Jul 2023 20:07:18 GMT
vary
Accept-Encoding
x-azure-ref
20230716T170708Z-fdd46wxuf94u98rgps6ewc435800000000wg000000005b11
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
001aed2c-b01e-00a4-5757-b600d0000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
c.gif
www.bing.com/aes/ Frame 57D1
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=17290c1b-355f-4505-8377-125b840d13a3&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=a2c91c62-4312-4faa-97a0-f7690b9b1518&rlin...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ce8d94da482f4a12bf8a3a4da3490b65&SNR=1&GV=2&med=10
0
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ce8d94da482f4a12bf8a3a4da3490b65&SNR=1&GV=2&med=10
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Server
2a02:26f0:f700:9::58dd:5c18 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4EE57B069275448EBDE88CE837D9D2E1 Ref B: FRA31EDGE0606 Ref C: 2023-07-16T17:07:09Z
x-cdn-traceid
0.18291202.1689527228.1371ef1
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 16 Jul 2023 17:07:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 905FEAEC997C4EEAA32BFEF715FEEC09 Ref B: EWR30EDGE1420 Ref C: 2023-07-16T17:07:08Z
x-cdn-traceid
0.18291202.1689527228.1371dbb
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ce8d94da482f4a12bf8a3a4da3490b65&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
it
ams3-ib.adnxs-simple.com/ Frame 57D1 		0
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs-simple.com/it?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QKvB2yvAwAAAwDWAAUBCLvH0KUGEOCl0unJhOXIIxj_EQF4ASo2Ccam_9Ehi5I_ETyrf4fGnZE_GQAAAGBmZtY_IRESACkRJNgxAAAAoJmZqT8wuc3yCTixSUC1XkjjA1C6iYq2AVjqzmVgAGjurasBeNnzBYABAYoBA1VTRJIBAQbwZZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAt3EAeACjKVI6gIfaHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tL4ADAYgDAJADAJgDFKADAaoDhAMKmgJodA01HHd3LmJpbmcuASvwYWFwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWEyYzkxYzYyLTQzMTItNGZhYS05N2EwLWY3NjkwYjliMTUxOCZjbUV4cElkPUxWMSZvQWRVHUVUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOkloAuHJ0eXBlPW51cmwmdGFnSWQ9MjA3NTIwNTcmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0XgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjU2Mjk5MjU0NzkyNzcyNDc2OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREl6T1RRNU5UWTRNREkwTURZak1qTXpOREU1TkRRMk5qTTBNVEUwTmc9PcADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxOTMuMzIuMjQ4LjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJAAAAAABASkARAAAAwMzMKkCIBQGYBQCgBYXpocXt6O7OG6oFEFFXU05ITjNLTkg2MkZOTkvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWdyVn6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGwo0E2gYWChAFNB0BdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH2fMF0gcNCREpASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=5d24c48f04ecafb4d0e79859d810dc7199c8a316&pp=
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:08 GMT
an-x-request-uuid
f6067601-b3de-48cb-aec8-21016aab1ded
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.222; 193.32.248.222; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs-simple.com/v/s/239/ Frame 57D1 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs-simple.com/v/s/239/trk.js
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
Wed, 10 Jul 2024 11:57:28 GMT
Date
Sun, 16 Jul 2023 17:07:08 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
450580
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21942-LGA, cache-fra-eddf8230127-FRA
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
X-Timer
S1689527229.672764,VS0,VE0
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
3, 72014
himp
1x1.a-mo.net/hbx/ Frame 57D1 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/himp?_e=CpADIgpueHhhaGVqbnVsMbVigpHMJ2k_OgVtb25ldEIMZ3B0LXBhc3NiYWNrShZ3MS5hcmV0dXJuZXJzbWFnaWMuY29tUgthYXMtNWQxNTA3NloIcGJhMS4zLjJqFncxLmFyZXR1cm5lcnNtYWdpYy5jb214AYoBCGY4NGE1OTFioAFaqAHYBcAB3_4SyAEA6AEA8gEPNjExMzQ2MTAxNDU5OTMy-gEGNy4zOS4wmAIeqQIAAAAAAAAAALICGWhlY2tlbnBmbGFuemVuLWhlaWpuZW4uZGXoAgGIA7vH0KUGogMWY0hWeWNHeGxZV1J6TFhKdmJpNXBid6gDX-ADj6oB6gMkNzkwMGYyMjctOTk2ZS00Yjc5LTg0ZTEtYTQ5MzVmOTg1NDNlqgQDRENIigUOMmM1OWQ0N2FmZTUwZmKyBQNVU0TSBQgyNjU5NTk1N9gFAeAFAeoFB2Rlc2t0b3DyBQ1XOUIyU1FQUTFBUVlP-gUDYW02qgcDd2ViygcTYXJldHVybmVyc21hZ2ljLmNvbQ&M=13&cn3=0&c4=native_dom&C=rexp&m=n%3A0&e=FIXED%0AError%3A%20FIXED%0A%20%20%20%20at%20u%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41186)%0A%20%20%20%20at%20Di.se%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41496)%0A%20%20%20%20at%20Di.go%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A44037)%0A%20%20%20%20at%20ct%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A11484)%0A%20%20%20%20at%20ft%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A14366)%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51014%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51020%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51065&sw=728&sh=90&rr=rexp&rw=728&rh=90&rer=FIXED%0AError%3A%20FIXED%0A%20%20%20%20at%20u%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41186)%0A%20%20%20%20at%20Di.se%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41496)%0A%20%20%20%20at%20Di.go%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A44037)%0A%20%20%20%20at%20ct%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A11484)%0A%20%20%20%20at%20ft%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A14366)%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51014%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51020%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51065&dr=0&lng=en-US&cv=c.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.161.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-161-48.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
himp
1x1.a-mo.net/hbx/ Frame 57D1 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/himp?_e=Co4EIgtfbnh4YWhlam51bDE540VwbfKNPzoPYW5zd2VyX2FwcG5leHVzQgxncHQtcGFzc2JhY2tKFncxLmFyZXR1cm5lcnNtYWdpYy5jb21SC2Fhcy01ZDE1MDc2WghwYmExLjMuMmoWdzEuYXJldHVybmVyc21hZ2ljLmNvbXgBigEIZjg0YTU5MWKSAQIxMKABWqgB2AXAAeb-EsgBANAB____________AegBAPIBDzYxMTM0NjEwMTQ1OTkzMvoBBjcuMzkuMJECtWKCkcwnaT-YApIBqQIAAAAAAAAAALICGWhlY2tlbnBmbGFuemVuLWhlaWpuZW4uZGW6AgkzODE4NDY3MTTCAgUxMjA4NdoCCDIwNzUyMDU36AIB8QIAAAAAAAAAAPkCAAAAAAAAAACIA7vH0KUGogMWY0hWeWNHeGxZV1J6TFhKdmJpNXBid6gDX8oDBTEyMDg14AOPqgHqAyQ3OTAwZjIyNy05OTZlLTRiNzktODRlMS1hNDkzNWY5ODU0M2WqBANEQ0iCBRMyNDk4NzM5Nzk4NzUxMjIzMTMwigUOMmM1OWQ0N2FmZTUwZmKyBQNVU0TCBQM0ODPSBQgyNjU5NTk1N9gFAeAFAeoFB2Rlc2t0b3DyBQ1XOUIyU1FQUTFBUVlP-gUDYW02qgcDd2ViygcTYXJldHVybmVyc21hZ2ljLmNvbQ&M=13&cn3=0&c4=native_dom&C=rexp&m=n%3A0&e=FIXED%0AError%3A%20FIXED%0A%20%20%20%20at%20u%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41186)%0A%20%20%20%20at%20Di.se%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41496)%0A%20%20%20%20at%20Di.go%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A44037)%0A%20%20%20%20at%20ct%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A11484)%0A%20%20%20%20at%20ft%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A14366)%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51014%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51020%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51065&sw=728&sh=90&rr=rexp&rw=728&rh=90&rer=FIXED%0AError%3A%20FIXED%0A%20%20%20%20at%20u%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41186)%0A%20%20%20%20at%20Di.se%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41496)%0A%20%20%20%20at%20Di.go%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A44037)%0A%20%20%20%20at%20ct%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A11484)%0A%20%20%20%20at%20ft%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A14366)%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51014%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51020%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51065&dr=0&lng=en-US&cv=c.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.161.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-161-48.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
inde
1x1.a-mo.net/hbx/ Frame 57D1 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/inde?aid=YXJldHVybmVyc21hZ2ljLmNvbQ&b=w1.areturnersmagic.com&M=13&v=pba0.0-aa2.14.0-160fad5-0&cv=c.js&lng=en-US&_e=Co4EIgtfbnh4YWhlam51bDE540VwbfKNPzoPYW5zd2VyX2FwcG5leHVzQgxncHQtcGFzc2JhY2tKFncxLmFyZXR1cm5lcnNtYWdpYy5jb21SC2Fhcy01ZDE1MDc2WghwYmExLjMuMmoWdzEuYXJldHVybmVyc21hZ2ljLmNvbXgBigEIZjg0YTU5MWKSAQIxMKABWqgB2AXAAeb-EsgBANAB____________AegBAPIBDzYxMTM0NjEwMTQ1OTkzMvoBBjcuMzkuMJECtWKCkcwnaT-YApIBqQIAAAAAAAAAALICGWhlY2tlbnBmbGFuemVuLWhlaWpuZW4uZGW6AgkzODE4NDY3MTTCAgUxMjA4NdoCCDIwNzUyMDU36AIB8QIAAAAAAAAAAPkCAAAAAAAAAACIA7vH0KUGogMWY0hWeWNHeGxZV1J6TFhKdmJpNXBid6gDX8oDBTEyMDg14AOPqgHqAyQ3OTAwZjIyNy05OTZlLTRiNzktODRlMS1hNDkzNWY5ODU0M2WqBANEQ0iCBRMyNDk4NzM5Nzk4NzUxMjIzMTMwigUOMmM1OWQ0N2FmZTUwZmKyBQNVU0TCBQM0ODPSBQgyNjU5NTk1N9gFAeAFAeoFB2Rlc2t0b3DyBQ1XOUIyU1FQUTFBUVlP-gUDYW02qgcDd2ViygcTYXJldHVybmVyc21hZ2ljLmNvbQ&r=0&C=rexp&m=n%3A0&e=FIXED%0AError%3A%20FIXED%0A%20%20%20%20at%20u%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41186)%0A%20%20%20%20at%20Di.se%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41496)%0A%20%20%20%20at%20Di.go%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A44037)%0A%20%20%20%20at%20ct%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A11484)%0A%20%20%20%20at%20ft%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A14366)%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51014%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51020%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51065&sw=728&sh=90&rr=rexp&rw=728&rh=90&rer=FIXED%0AError%3A%20FIXED%0A%20%20%20%20at%20u%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41186)%0A%20%20%20%20at%20Di.se%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A41496)%0A%20%20%20%20at%20Di.go%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A44037)%0A%20%20%20%20at%20ct%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A11484)%0A%20%20%20%20at%20ft%20(https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A14366)%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51014%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51020%0A%20%20%20%20at%20https%3A%2F%2Fassets.a-mo.net%2Fjs%2Fc.js%3A1%3A51065&dr=0&eid=293chccomsw19yatby&ts=1689527228578
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.161.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-161-48.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
afr.php
ads.eu.criteo.com/delivery/r/ Frame F4E0 		165 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6aa9cec358fa983442aec05763c0fbbbe874f8c4cf429a46b9ef528f297f1363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 17:07:08 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qg5SpY0c5_rJ_wvNQNfzTvhhkdwWT0U_zKOxpYkgilrils52GSl1BHI19PAasKZK2HI6S5pUnJ5Q9P69i7XudKj7m1Iw-jLffDfAD5j_H66irsFqGOLAQi7xHyTXtQDgKQJMFzKdGb6LWG6GYX5Fk3BulcVG6y7zbd5XpKkwjvyvgvY23x6-Jo2RfbT4hg-MzZwmRPEZWL2yWfN8SzmseLnBXnb-wSCZn_IkPQoBF0D8ztZCyzSkjddxznmmXgFYHPfbyA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
79249292
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 6538 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 16:03:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
3839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Jul 2023 16:03:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 6538 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 12:03:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
18244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Jul 2023 12:03:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6538 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 17:07:08 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame BF8D 		2 KB
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230716
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df9f8bce75c6828a73a7b075d3eb5832e1f5027439ea0bee1a02c5974f96177d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jul 2023 17:07:08 GMT
x-content-type-options
nosniff
content-encoding
br
age
3981
x-jsd-version
1.0.1753
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
947
x-served-by
cache-fra-eddf8230041-FRA
x-jsd-version-type
version
etag
W/"63f-SVU7uIku+ztki4OpWmQrR04FGGE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ Frame BF8D 		483 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 06 Jun 2023 12:52:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
515465
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MeUDHaYVG1UzJkC0x6v%2Ftk4nSU0r6sa%2FE4SQZI5zA0Z6oJwhxS9xCr0wVSUtqpC6tby4%2FnCJ2QvkqTGm3ajVZtYhzWveM6Hp0Brib5a43NmmU%2BQqQA5FV4p4JyWnCXbfM3SW5DiYJHsUHVC"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7e7bd6fb4863bbcb-FRA
css
fonts.googleapis.com/ Frame 47AD 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 15:18:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jul 2023 17:07:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 47AD 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:34:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
81151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 18:34:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 47AD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 12:03:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
18243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Jul 2023 12:03:05 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EDA9 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3037
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 16:16:31 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 47AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 16:03:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
3839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Jul 2023 16:03:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 47AD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 12:03:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
18244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Jul 2023 12:03:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 47AD 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 17:07:08 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame 47AD 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 07:02:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 23:00:00 GMT
c
prebid.a-mo.net/a/ Frame BF8D 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Sun, 16 Jul 2023 17:07:07 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
server
envoy
vary
origin, Accept-Encoding
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame BF8D 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Access-Control-Allow-Credentials
true
2345174
bs.yandex.ru/metadsp/ Frame BF8D 		157 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/metadsp/2345174?imp-id=1&target-ref=w1.areturnersmagic.com&ssp-id=10500
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
307968d2a0fb120d0f7e3778a8e6c174bafaf921443b551eef93b052ebea30ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
ssr
false
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 16 Jul 2023 17:07:08 GMT
uniformat
true
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 16 Jul 2023 17:07:08 GMT
pbjs
prebid.admanmedia.com/ Frame BF8D 		2 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.admanmedia.com/pbjs
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.109.168 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Date
Sun, 16 Jul 2023 17:07:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
mp.4dex.io/ Frame BF8D 		45 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6775494a885d8a2df4bab566fcdaf81395e868fab6b3dd069ea8470bb624a1

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 16 Jul 2023 17:07:08 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
content-length
45
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7e7bd6fb6f052bf3-FRA
expires
0
adreq
ads.servenobid.com/ Frame BF8D 		537 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5371
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fcfa354ded10aa44e8368f6fdf0866e40daf51adefc8746e29bf6e09b73d7970

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame BF8D 		180 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageReferrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&CanonicalUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
5c085c433b0157cd98e1a611f43dd215b430182c65bf1fad6d1749a7554792dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:08 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame BF57 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230716
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df9f8bce75c6828a73a7b075d3eb5832e1f5027439ea0bee1a02c5974f96177d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jul 2023 17:07:08 GMT
x-content-type-options
nosniff
content-encoding
br
age
3981
x-jsd-version
1.0.1753
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
947
x-served-by
cache-fra-eddf8230137-FRA
x-jsd-version-type
version
etag
W/"63f-SVU7uIku+ztki4OpWmQrR04FGGE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ Frame BF57 		483 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 06 Jun 2023 12:52:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
515465
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXIX2wZ98jc5fL92JG0UW0HgDEZeTN%2B6d3yRbbHi1NZHcFMX4OllMHkOY8c0OMTZt7SJyGaNQ5QgIYVwdBlDbYNhn3IAyYjm4LiwVGYkdQIIekCVpR5eRr6HCi%2FBGsjumgJtM7%2F7ddRzDpre"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7e7bd6fba947bbcb-FRA
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 8ACA 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 15:41:45 GMT
x-content-type-options
nosniff
age
91523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 15:41:45 GMT
adreq
ads.servenobid.com/ Frame BF57 		537 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6410
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fcfa354ded10aa44e8368f6fdf0866e40daf51adefc8746e29bf6e09b73d7970

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame BF57 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Sun, 16 Jul 2023 17:07:07 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
101
server
envoy
vary
origin, Accept-Encoding
2345174
bs.yandex.ru/metadsp/ Frame BF57 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/metadsp/2345174?imp-id=1&target-ref=w1.areturnersmagic.com&ssp-id=10500
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:08 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 16 Jul 2023 17:07:08 GMT
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://w1.areturnersmagic.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
uniformat-product-type
None
x-xss-protection
1; mode=block
expires
Sun, 16 Jul 2023 17:07:08 GMT
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame BF57 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Access-Control-Allow-Credentials
true
prebid
mp.4dex.io/ Frame BF57 		45 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6775494a885d8a2df4bab566fcdaf81395e868fab6b3dd069ea8470bb624a1

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 16 Jul 2023 17:07:08 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
content-length
45
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7e7bd6fbefe52bf3-FRA
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame BF57 		3 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageReferrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&CanonicalUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
760
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
3
expires
0
pbjs
prebid.admanmedia.com/ Frame BF57 		2 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.admanmedia.com/pbjs
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.109.168 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Date
Sun, 16 Jul 2023 17:07:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
044f11c98027a2ea45a6.js
adsdkprod.azureedge.net/native-to-display/ Frame 57D1 		61 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/native-to-display/044f11c98027a2ea45a6.js
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
819d2e67c083da04e6e95e9792723d2a97b722e52a6606e3179882ac9f7db02b

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jul 2023 17:07:08 GMT
content-encoding
br
last-modified
Tue, 11 Jul 2023 20:07:17 GMT
vary
Accept-Encoding
x-azure-ref
20230716T170708Z-cu89srpp215vx6um27gfpm17x400000000vg000000011vqp
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
affa41a9-501e-0056-38f7-b5f381000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
rd_log
ams3-ib.adnxs-simple.com/ Frame 57D1 		0
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QKrBGwrAgAAAwDWAAUBCLvH0KUGEOCl0unJhOXIIxj_EQF4ASo2Ccam_9Ehi5I_ETyrf4fGnZE_GQAAAGBmZtY_IRESACkRJNgxAAAAoJmZqT8wuc3yCTixSUC1XkjjA1C6iYq2AVjqzmVgAGjurasBeNnzBYABAYoBA1VTRJIBAQbw_ZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALdxAHgAoylSOoCH2h0dHBzOi8vdzEuYXJldHVybmVyc21hZ2ljLmNvbS-AAwGIAwCQAwCYAxSgAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQMMTkzLjMyLjI0OC4wqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLqJirYB-gQSCQAAAAAAQEpAEQAAAMDMzCpAiAUBmAUAoAWF6aHF7ejuzhuqBRBRV1NOSE4zS05INjJGTk5LwAUAyQUABTsU8D_SBQkJBQtAAAAA2AUB4AUB8AWdyVn6BQQBhCiQBgCYBgC4BgHBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB9nzBdIHDRVlASYI2gcGAV5oGADgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgB&s=41cc65fde0ae59a61d16240fcaffd08324a59486&bdref=https%3A%2F%2Fw1.areturnersmagic.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fw1.areturnersmagic.com%2F,https%3A%2F%2Fw1.areturnersmagic.com%2F,https%3A%2F%2Fw1.areturnersmagic.com%2F&
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:08 GMT
an-x-request-uuid
b2ed390a-df9d-46d8-8bd2-05ad4dc841b3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.222; 193.32.248.222; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ Frame BF8D 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
0
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8g69O5x1xgfY%2BxZbo2g8yTyMo2sU%2B0K61i2oY70cP5Mon8%2FZ0kO0G3q%2FfuJLZZvJJr6NlfCP4iwKusiwe9dwtFEYIHcsMGo6Prw3hDdYYCzUePEMEKibVYoqUaMpZkjksDhcqj93ZmXb2K%2B"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7e7bd6fc0c769b83-FRA
privacy_small.svg
static.criteo.net/flash/icon/ Frame F4E0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame F4E0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F4E0 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 10 Jul 2024 17:07:09 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame F4E0 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 10 Jul 2024 17:07:09 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame F4E0 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=akgaXXsnO68UYrYiDu2RaQt1qcxAOcWleBoB-kNjO2B7tHdZA8iXcTzU7p7lDbdXzyStGLElhOiPcEZnEE-c99Yznb2ZFUXRou_TZwkT2BvO80gbvUkdKeeravBfGfCtFz9ED6p6bqskoIXT5HrTKjfd86bh7t-D7ILMMXuoSPeLoqehijKERLcL98pqMAKlk-ZqSZWJ6bjRdBnIM6tqy2e6pAIR77_mymtAx23HZtSz9Ohjr5YyVH5xVPRa4dB4iXgOkRte8U7ThcvNuVkZjGgJkV3wVNIQA095NX6euhT2lDEk_XBRstonpFeWHcEHx2e64whgbnQrSEXUPrmppDvHwKIKX3uVaSR0jUxGD3QH0WWYCBZXceEnDHL1S3tuwCjvsO5sKJt3K-y5Np3lRm_hEJrpLwEClo8tUalNJipIK8ad
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1726525
expires
Mon, 26 Jul 1997 05:00:00 GMT
adagio.js
script.4dex.io/ Frame BF57 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
0
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6TRdbBtpdKsCHSM9Ro0%2F00pDPoAOFlr1w%2BMgEXiCzLa7DOcr0317FJtyZefBXayArcSSGFzCJ3hKkhLRT%2B7SdAEge%2FLMJVGYbuinKamddF%2BkKjTEBhfyR5z0JqlnpjmpuECDGdEdA0z3YTU"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7e7bd6fcad689b83-FRA
si
googleads.g.doubleclick.net/pagead/drt/ Frame EDA9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 17:07:09 GMT
expires
Sun, 16 Jul 2023 17:07:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 17:07:09 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4D51 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4D51 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4D51 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 10 Jul 2024 17:07:09 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4D51 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 10 Jul 2024 17:07:09 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 4D51 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=YaEFwlpK7UNOzZVT8RZfYtdX4rCpP1WAXFYk-dk1ydKl_5Cg-t2pOQlTx09r6KexygSrgvis9-fNXTs-6J-iorWXyUej7NOB8lVbdue8zRPpq69qFvTc9F9gzQOeDfZRrJZfPOPssjKPQ_YO0U_VdDxPMJ_PVREqTV2rFWU91e7DJ3AIncuFKlSdrLCg_1c4NhfB5K_iHDnN8gpj27L0X9kJh8DbeIOmSK65jyODUbdOjxAEumySYaqtXctwIN1L4QcpJhX9GRiKsXOP8wQkb1Ub6BIzKt8xdPGoyh7-UpVJFqfv4EKdeU_JwP_o5AajtjQLhWqAWPy386aPfbYknwPNs9wNWNpW6g8ORQapjNAV1XXuL2Bc7E8x1kLNl385KS5ctz9P--Z85MInoleA5-KGmo7rKTTtuSAeKfbB_ZyS6gV9
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1424463
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F4E0 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
60552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lePh4lDn99HlTG4IyLhCvhSK6cPnJhzaBVkDzc7iE1wRtFz0NiMvwlAM5B13ZSXnIDcPEd6ZTX%2FxF9FQ34zaOlB%2B8Wv6czN39PKXEGPJNrvaok%2Bjc8gT%2Bft7Ij%2BWwJPYvMzuZmC4jfm7eJpU3%2B0a9G7u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7bd6fd7eea923d-FRA
expires
Fri, 05 Jul 2024 17:07:09 GMT
animejs.js
static.criteo.net/animejs/ Frame F4E0 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4D51 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
60552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shQD77dlLsLFxoC4XPp%2FzO82xqPgXuvvltB0IZvDj08Sa6p8QyJzKK2qEXQdxnRuDTV%2BTXnHBVjFvV2EYaYiQqAJGbRRC4D%2B7YNsdeoOFZO3UAgBB06Z%2FfGEc%2BxG1puDmo%2BfiEV2utnRY6sbnrMQ6AA4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7bd6fd7eec923d-FRA
expires
Fri, 05 Jul 2024 17:07:09 GMT
animejs.js
static.criteo.net/animejs/ Frame 4D51 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
all
csm.eu.criteo.net/ Frame F4E0 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=qg5SpY0c5_rJ_wvNQNfzTvhhkdwWT0U_zKOxpYkgilrils52GSl1BHI19PAasKZK2HI6S5pUnJ5Q9P69i7XudKj7m1Iw-jLffDfAD5j_H66irsFqGOLAQi7xHyTXtQDgKQJMFzKdGb6LWG6GYX5Fk3BulcVG6y7zbd5XpKkwjvyvgvY23x6-Jo2RfbT4hg-MzZwmRPEZWL2yWfN8SzmseLnBXnb-wSCZn_IkPQoBF0D8ztZCyzSkjddxznmmXgFYHPfbyA&sds=2&rev=87483&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 16 Jul 2023 17:07:08 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F4E0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame F4E0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
all
csm.eu.criteo.net/ Frame 4D51 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=mBUAII0c5_rJ_wvNvO1m0IbiHQCIGB6AbQT1CHEiNeESV1lN9_3Uanpt6vZtprK_bFmEHxzUi3Q3NZ7qzHR3R9lQHDucFYTtvL9Xaz9fqK9C9h-9QYTJXIG5xWRoG343srRBo5p23jDRY4qbngOmKJnxMXYZ2i7luXQLhAokUuzOk_2CPQWyRO-Dzz798_sKH_57kJo69cmBqFLgmqyVMjiMy3bCMVffAHtozwVX6yIQ4IA9kUvZinaOnMS-CSjClhS0HA&sds=2&rev=87483&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 16 Jul 2023 17:07:08 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4D51 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4D51 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
vevent
ams3-ib.adnxs-simple.com/ Frame 57D1 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QKvB2yvAwAAAwDWAAUBCLvH0KUGEOCl0unJhOXIIxj_EQF4ASo2Ccam_9Ehi5I_ETyrf4fGnZE_GQAAAGBmZtY_IRESACkRJNgxAAAAoJmZqT8wuc3yCTixSUC1XkjjA1C6iYq2AVjqzmVgAGjurasBeNnzBYABAYoBA1VTRJIBAQbwZZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAt3EAeACjKVI6gIfaHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tL4ADAYgDAJADAJgDFKADAaoDhAMKmgJodA01HHd3LmJpbmcuASvwYWFwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWEyYzkxYzYyLTQzMTItNGZhYS05N2EwLWY3NjkwYjliMTUxOCZjbUV4cElkPUxWMSZvQWRVHUVUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOkloAuHJ0eXBlPW51cmwmdGFnSWQ9MjA3NTIwNTcmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0XgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjU2Mjk5MjU0NzkyNzcyNDc2OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREl6T1RRNU5UWTRNREkwTURZak1qTXpOREU1TkRRMk5qTTBNVEUwTmc9PcADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxOTMuMzIuMjQ4LjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJAAAAAABASkARAAAAwMzMKkCIBQGYBQCgBYXpocXt6O7OG6oFEFFXU05ITjNLTkg2MkZOTkvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWdyVn6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGwo0E2gYWChAFNB0BdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH2fMF0gcNCREpASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=5d24c48f04ecafb4d0e79859d810dc7199c8a316&type=nv&nvt=5&jm=1003&px=800&py=1105&bw=728&bh=90&sid=1015942711458341100&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20752057&sw=1600&sh=1200&pw=1600&ph=2644&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:09 GMT
an-x-request-uuid
5d2f6ba1-c0d0-48d9-acb1-46fc4e9fad2d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.222; 193.32.248.222; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
th
www.bing.com/ Frame 57D1 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.8177684528676_1RUREDSPX2MQV4WHR6&pid=21.2&c=3&w=200&h=105
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:f700:9::58dd:5c18 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1b809aadf8f6ce523c996af8905ad3dcf79dee6e01bdcdabb164fc2ee7afdd11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.18291202.1689527229.1371fb7
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
5833
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
context.js
yandex.ru/ads/system/ Frame 5B6E 		298 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
87b270620fc6dfe6d6efe22c3d3e46046669195742f7fba7d3e0fe70a552206e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1689527229298041-4483456290706619641-balancer-l7leveler-kubr-yp-vla-11-BAL-1319
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 16 Jul 2023 18:07:09 GMT
winner
api.purpleads.io/x/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1689527229122
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
pa-user-id
655d0be2-c726-4415-912c-e0f9af5cf821
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.7

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Sun, 16 Jul 2023 17:07:09 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
i
api.purpleads.io/x/a/1ef2d5f228f253535f61e9f99d79d900:908406e0a21a88f168172ea1d1050d5773e490b17585d41c4788623eb62da2c37dce1d7b010c88294bed7cc9c4da2974972a678da31edb3049a1c203646329b05ed08cfca32167b... 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/1ef2d5f228f253535f61e9f99d79d900:908406e0a21a88f168172ea1d1050d5773e490b17585d41c4788623eb62da2c37dce1d7b010c88294bed7cc9c4da2974972a678da31edb3049a1c203646329b05ed08cfca32167b958c96a68c53c30d90fc21fb9eec4d1b8a6982157929e0654dff8674449f32ce81fcb1c09a3f5499ee72dfb9241b807ebdd0a8cc07f877a3b1d4e9f652be31198a5578cf35a35be8b/i?id=b128601c-7645-488d-85e0-f4014db38f91&ts=1689527229124
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
pa-user-id
655d0be2-c726-4415-912c-e0f9af5cf821
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.7

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Sun, 16 Jul 2023 17:07:09 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
1SKZErwv0Hm200000000U9nJt2FkRBMOoQR5C81FT8x8szlcbdkKjwGm084dJ2Hqxvz9LR7NJYWpf382nJC3-1nRGEAb85xjLI3HohWHICvaN04I0OA5Z5iW38QLZ7nGrbx6TZSEXgDW_bL6aCAxZ0mI0WnpcK3ifKmtc1WOrZ950TbdcVu3mLCc5aq6XbTC0dS_p...
bs.yandex.ru/ssp_notifications/ Frame BF8D 		2 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.yandex.ru/ssp_notifications/1SKZErwv0Hm200000000U9nJt2FkRBMOoQR5C81FT8x8szlcbdkKjwGm084dJ2Hqxvz9LR7NJYWpf382nJC3-1nRGEAb85xjLI3HohWHICvaN04I0OA5Z5iW38QLZ7nGrbx6TZSEXgDW_bL6aCAxZ0mI0WnpcK3ifKmtc1WOrZ950TbdcVu3mLCc5aq6XbTC0dS_pliUmCV8e5lljsqk0nl3NoOMa9NCh42obraHI4vb1Xanbva9P26GL81Oo2nve9VnAbZkBfXyocnwymFNJsO79tw8Crd4hRJ0Jbx1ie9v0yj_663SWSG-WCI-oJ9h9WYSj7_8ik6rnvGzh3VitxA0lBI0bVSaQ_1KRh315rWRG83fAoj8rozMJaCBOrDJCnC3qmQshPiEXtUmDR3COBjoE7W1MzkJ_PSd7htoXMSb6yp00smU9zYO7x7nXWUuMhbPcgGdcUHacRzaWuJZ1_kVSDP4zZbgqJkrsT_PRs1dsi7ESu9TyW5xyx5bAxQS-NRNymSxpmAE5SmhEBOmRk3Wsy71U8i38p2VSZ0mDDZtSeAyC9KJ5B0BE1kOLt0MRk2C0G1g5xAV?ssp-notification-type=1&ssp-request-id=68e1e6a84c5bb1&ssp-cur-price=0.00&ssp-cur=EUR
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 16 Jul 2023 17:07:09 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
application/json
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 16 Jul 2023 17:07:09 GMT
winner
api.purpleads.io/x/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1689527229122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
POST
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:09 GMT
i
api.purpleads.io/x/a/1ef2d5f228f253535f61e9f99d79d900:908406e0a21a88f168172ea1d1050d5773e490b17585d41c4788623eb62da2c37dce1d7b010c88294bed7cc9c4da2974972a678da31edb3049a1c203646329b05ed08cfca32167b... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/1ef2d5f228f253535f61e9f99d79d900:908406e0a21a88f168172ea1d1050d5773e490b17585d41c4788623eb62da2c37dce1d7b010c88294bed7cc9c4da2974972a678da31edb3049a1c203646329b05ed08cfca32167b958c96a68c53c30d90fc21fb9eec4d1b8a6982157929e0654dff8674449f32ce81fcb1c09a3f5499ee72dfb9241b807ebdd0a8cc07f877a3b1d4e9f652be31198a5578cf35a35be8b/i?id=b128601c-7645-488d-85e0-f4014db38f91&ts=1689527229124
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:09 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 4D51 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzoYKYuUGAAbnQ8iFl7x4AWVCaWypuA&u=%7CxhqBceTIyRAqlLRhHONcv96PI9wO86zbR4iswYTgl8k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzbIDBhB6K6-lo49s32cyxro-cD1MQjrNEBZgFGeeV2Akb1LdDM_D7RNikUbfzPFKMoTBhqp6ThPv4vMLciwp3FQM2QHBInb9TQJKk9y0X7M-dS6lkWdVJ7LLDC1Kw4ZuREgaJu8Xq6RrKpREFqJuJu2raLpXeWhL0N78L8gXemU9votiNe4ZCp-5AY0NpUHBL4DnNhKPeQaWTpoEcncbMl9DjFmMrPcDVBsehIHAODtHMPmHlZS3UNR2_k1vmyNtpJCiW3RL_IDa4k-LH2DG50gZsVgM2Vxs-O2YlS6JCAsIy8_xmucFlTWHwZxDselAIryVPa2hNxX3Y0T2dwt-7WiRJlGnjXPZGaqx-vETEv-BziQYU7ULXZS7aLQI7XcOn-YgiH1Tg6AHe5UOQahcZ9AbUJ7cVRsdZRK6_YYsqUzecq5KSWh5yPkrBUezGMwMI7GCvZm0Rr489L_2Xp7at0PqCHq_fauMYboqAl3dVliqZ8FM_Q2JIvaktQqUsA8sKeKCX64uCFop&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4DdbuyO0ZIadC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT3AU_QGHSEa1I6mhLS8O_Sv_-paLPtF5xBXz2-71n7tEvKfayms3HjnilUaWri7qdN6_gV6EMV4n605qM1wTYAt_WnHBYD8G7mFu-WtJDz19zma_7zBHgSUJWj6PhhNiPHhsiTR759Eo2ioDVG1REioj5hgaJlU_Bp7B5r3he35aOHXGzy9JCkPzx6sm6tmJhDo88AlSzmOFVjEF4mOs9wy24eMnKwFjCV-uvL5_Tn6ySnH610BfdHdq8QwV0HhrHvPX2Gl9JVaNn9wbLRbSRMJgmEGjoFEwN7BeCJnIlXUWvWLr6PAH4vKmuAeiytIp-0QYKL-M6lo7uABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0cYldV1fShvBdEx65G_Eh7tqWDfw%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame F4E0 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&u=%7CxhqBceTIyRC3PycTGlqq0w05k9sdHghXw%2BnzaqZHmcw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y7nUR1zV1aItt-iOeh32aNdvRM_7fIDBTkx1GkNl6S5V_JfPTCYOdvXByenUchggGThj1S1MlQvJZXkfhdeLeRii5g3yqQGoTxAD2-JVy2nHkZGmnSNYPgt5tthm9pvWgD4HE6ovgGnnOIK4r4dJCqd3KI0epEDiEpdGRyjJc3ngNpXGrYmapdD5UxkPCC-ukzshKP3P50X_JmF1GymyR_Nfj94VMdQnrfO72nTfTNnDmQSfdDcrTLex9ryRdB0KAueerIHGBng8H8E7gSta2VXBP3MtcBeeNAZNqJZ3rOsbU3s8CINR9HCPk_CzQM0Tx-Y5oGQectTOkuamnkBm97hzijW2Sipt9NWmUFOAwwSKLzUfI4S7gi-uQVFycfuQdSEF8umj7XZZQMgZJhwGr7nitP6gVRdHRdVJOPzm9cxfVciJqscdB1o1tUvM5nRAmnH2Mxac-L37dYNjh6dFZxDGNLwXvldvT6rXKjZ5zC2rntseSXqBAmoJGIEx8z-2lyzzDE9HkKWoNOFcjANA5VfKEocgyqWCDnSNqEtTTgSlHt7kVJsNlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfesnuyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT4AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjSvTDBO3C-egDYKS9FStxBTihaQWocsrbXaX-5eeDHcbs8u6gNmS6GQ-gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1LN-nbHZrK-nioW3BTzzDZusDW6A%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:07:09 GMT
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 4D35 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 15:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
4654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Jul 2024 15:49:35 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
808
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7e7bd6feaa483733-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 17:07:09 GMT
icon
onesignal.com/api/v1/apps/df52f654-7186-474f-8e62-6cce1246df86/ 		260 B
797 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/df52f654-7186-474f-8e62-6cce1246df86/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f9b1c55f78bb3f29b837465a42c11b0bf7928e6eee2cc2c6760efbba6d3fe99
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
8fbed487-6a92-4d4b-97d1-bff1cd530526
x-runtime
0.016699
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2f9b1c55f78bb3f29b837465a42c11b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7e7bd6ffda5dbb85-FRA
access-control-allow-headers
SDK-Version
adview
googleads.g.doubleclick.net/pagead/ Frame 6538 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ckce4uyO0ZIidC4bKiwPDzpuQBsme0rFczYbj1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTMzMjcyOTg1NzkxNTQ3ODfIAQmpAnKZAbhI1rI-qAMByAMCqgT1AU_QgSqm6icVu-IK9LtBtp7VA-UKF9kaK4aG71t53I_gtT6D1lplz5VHD-qtXKDyopDtwzO4kXYI_hGs8pAeKdBSzN5dzJ7s1tJDoK5KFL3LILZFaFTcRx84vUifv7ZLsqQVHcHe8ECCQYwOoWvldxpw8jBMDhdtjqygFwzSZgbTKz0OTXyskrtbtjEiec2kSLTrkyFWx5YtFBICO_qNSYJ1nK3iEC8OqLlOsv7ky_ncY0qBehKva_2MQLipSEYsgDIFOC9qnUPpHyDNcu3gjWnRLYEwhHuzsh6GV4SQYuzrka6gq-Uz78JfxjFss2k3q04QBMotgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMzMjcyOTg1NzkxNTQ3ODcYAA&sigh=X8spYPS0cLM&uach_m=[UACH]&cid=CAQSGwBpAlJWC4JfjPMqZI1GiOx16iV6KDxK9U_DshgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 16 Jul 2023 17:07:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 17:07:09 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 6538 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAAk4HJ17QTbnQQuiO0ZIJmsEEnd9czJBUAABIAAAoKQVFVQkFRRUJBUQ&wp=ZLQjuwACzogKYuUGAAbnQ1_wciDyBS42Imt6ig&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:08 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
148658
server
Kestrel
content-length
0
noNeCGhlQ1CJAnLSMM6M_aqKOvyR_460s.jpg
img.onesignal.com/permanent/90851bbf-caaf-4baf-8803-84832b095e4d/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/90851bbf-caaf-4baf-8803-84832b095e4d/noNeCGhlQ1CJAnLSMM6M_aqKOvyR_460s.jpg
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109400e0c2064f54865884f447d8c3baac3e222474c684d4a2657a736fdae7b5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Sun, 16 Jul 2023 17:07:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
x-guploader-uploadid
ADPycdv8apTQR9PLX8g_ok7VhvmRXJoZD7KtJP1szzH8dwYKi0l4eTyTORfC-Ev27r1LjqHLfhFC7fVB9Ss7bDpqsi5FmWqfz6xB
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
12051
pragma
no-cache
last-modified
Tue, 06 Jun 2023 20:09:33 GMT
server
cloudflare
etag
"-CNGM/Me5r/8CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1686082173208145
content-type
image/jpeg
x-goog-hash
crc32c=LPL6kw==, md5=zaGjrJAjTmHDJl3daew+OA==
cache-control
public, max-age=2678400
x-goog-stored-content-length
12051
accept-ranges
bytes
cf-ray
7e7bd70058e42c63-FRA
expires
Wed, 16 Aug 2023 17:07:09 GMT
8845d188f02e9480a1fc.js
yastatic.net/partner-code-bundles/806742/ Frame 5B6E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/806742/8845d188f02e9480a1fc.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c430962fa3dd8f77cfe09eb143f92fccb2df834471f9f5ddc9bef100e0bffcc7
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4769
last-modified
Fri, 14 Jul 2023 14:12:37 GMT
server
nginx/1.17.9
etag
"88e49b3d8b337d9d06289bfafbabd7ff"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 15 Jul 2053 23:42:38 GMT
8564d7c6e0b5c26061e7.js
yastatic.net/partner-code-bundles/806742/ Frame 5B6E 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/806742/8564d7c6e0b5c26061e7.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
57d5d7afc110a8c6f62304b7f4bf515924f785d748dc36bce24ef6a60c50a6a6
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
6463
last-modified
Fri, 14 Jul 2023 14:12:37 GMT
server
nginx/1.17.9
etag
"0f7141d271005bc58e5208f5e9ff22e9"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 15 Jul 2053 23:42:38 GMT
80df4d8657f94ba81aca.js
yastatic.net/partner-code-bundles/806742/ Frame 5B6E 		113 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/806742/80df4d8657f94ba81aca.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
16f956e8eb1e9f95f89e217acc6639d0a2e0e147d162f1e0a69cc7b2cd4b7cfe
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
23514
last-modified
Fri, 14 Jul 2023 14:12:37 GMT
server
nginx/1.17.9
etag
"0dff665d8ee2bc5f447806d3753002f4"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 15 Jul 2053 23:42:38 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ Frame 5B6E 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 15 Jul 2053 23:40:40 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame 5B6E 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
22390c0e21dd5108
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jul 2024 22:53:52 GMT
/
yandex.ru/ads/render/ Frame 5B6E 		181 KB
182 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/render/?target-ref=https%3A%2F%2Fw1.areturnersmagic.com%2F&charset=utf-8&pcode-test-ids=798897%2C0%2C91%3B805547%2C0%2C19%3B802252%2C0%2C42%3B780720%2C0%2C84%3B798399%2C0%2C92%3B802999%2C0%2C96%3B805963%2C0%2C30%3B801975%2C0%2C58%3B798890%2C0%2C91%3B799397%2C0%2C9%3B802013%2C0%2C28%3B800949%2C0%2C82%3B806742%2C0%2C81%3B681841%2C0%2C76&pcode-flags-map=eJy1WNly2zYU%2FRc9xy73xW8gCVKowaUAKFvJZDCqrbrqeOnYTpo643%2FvBUDJoqxCbpL6gaYg3cOLu5x7wK%2BTGeKST9sziQpJUYapLFsmSSMz1DSYTU4%2BfJ18Xlx%2FWk5OJoL1ePJu8rh8eCSX8DmKfD%2BIJ88f373AdKwt%2Blxw2TayQz3HVoTYTQPfIOAGZRRLnLf1CwglXChnZqTArbqBb7NWIlaPYJdf%2FtxBDf1QoxaEa9i87RshGS4Iw7mCRF1n98xzgsDb7A02IuueCsJaSgGtEeoGM3mGRD7FhRSkxrItS46FHdf3nHgnZoIIcBE1hczaYq4y0SGGaiwAv8AlgueOMEtE%2BRg0iIPoBZRhweYqAQ0WZy07lZix1p7KOIyCON0gDMngOYIrJadw27MZngPiGbjESdXY4SIn9uNXcN%2BDQdumkiVFlYpZTwsJGaRzyU9JZ4I%2FQ7Q%2FUG1xFCfRBhHylp9C0c%2FbXkhOW7iQ9xhy0DcFYgTzA2CJG7hj9%2FB5Z1yEAs4x5wTW4Eshz2tqB0t8N4jfDiazOQS1kHwO7fDjoVFRyJqY9Zy2HOo7Yyg%2FPRSSb9pF3hZY9oy%2BGVtlW6WsY1h340tfGpoYvh%2FBuQ78jfBSP42dA3hZX5bQg7juxBzaoCa7oP8ZcdYhUvx4D8se7r8VtVFU%2FYM9%2FRfM78rPfsz%2FLwLfmn3N60Iz3gwzTtoxzyWOGzrxtm3ieOnAS3OYAvhcsl4WbY1IYxtzgOL5%2B80kzD3BSGY191wnCgZzZWlMJKJnaM6tljCzU0N9ne5emIccN8JuE3qOM5rJwyzOObMapm6cGDd1aowukX1DSgK8RBqYkiXKsR0j8Yahq4YPwyXDfAoEVZHcZhe5iT%2BECLZYElYrymLAvKriQCdB0WSksEJAlD13tG%2FQEgxVEK9hAqnS5TnDuJGcd3Z%2FUjcY%2FEFQoW0z%2BIJKpRVIqVQDbAsV2O5UnKSRmfZK2JQw7JoChqmxh%2FLZVUd2%2B%2BxUT06uQzKWanaUNHDiDQrFIHwAwSrtoigJIhPOrbBVDKgKJMWpaO1%2BJ1Hg%2Btvx08pInk0BZAuvAS2gE171TM2%2BXknHHJOZPayx6wSx0Z2MSVNpomfNkJ6cEsi2mLK2r6YHZDEgmfhS9H6uMyp1q22bfZ38tny8%2BL1e3F%2BtbicnwCrvJjd3v66ul%2Fxicb26vZqceM8j1BDaQKPyGjEhf%2Blxj%2FWEzihSUggYYPsBHyY3i9X18f0n8O3vxe3l8gvc%2F7S6WVwtH0ZLV4sbvXL5tLw1P198Xj3emdub460Pl7erYVUhbxBg4X7xdH339Pvw9dO9%2Bf%2FpfnF8u%2Fzr4dUP%2Fljc3ay06cf9W2yQgHzJGrNKXQuCpECVlddAm3tDcem2wJB7hlEugMIPGIa%2BYw4LoP%2FXmh1UPDy66esMWxkuDl1%2FGB36xKRPJ2AJQynDuenIGeEEuOMATOyY6gMaAQ1XK4KrNOWQokR70ouL0kOxFx25uPSOgiBHR1lWZEdFjjw%2FSTCOwmIc3yQM02HKjY9kW90j2j6fmh5S2lHtA8YhUz30MxD%2BgR6CFg0S%2FYSKocxTjAAUWwAuqq3NHSdx4Eb7fNOHLDg00UxVeQcXWBHKL9IQsed09Ao5CEJ3jLy1X02BpJKIQ%2FK5pkIrWupCuRyIocLMBdKHws3JfDh22ktxD%2FoWLiXVVAAH4fqtPgKTrY9vUFVauoMfIGys4z5Ogam9PQBDW74JIg0HCDg71K2Jr%2BxaTsSuptoxBYkVJWtpA7UnSG66OaMtVAAMi7MpEXhPR7AjcuQFqQun%2FyN3VPqJE3qptyV6BOaCFPzVzP68eHgcOxN7YbBRhqqqYdY1lRjPAHhiMt5%2BkqSGylDBi9PZDomAP2GwIyP1irIgDaQbQQ2ZGsCIjYrGOfbH8tMLve2XMAx3GAk9ztUU2ynTdQON3Lm4fbwe9wxs29kGVUib3jugFCxoaxU1dNt03sHwRq8q4mIHIE381EzUt71h0rXWtFMynrm7uEq6D7gN7hmiktTA%2BtYWhTylkf%2Bie9QbIAwHBXXGhnY3wuNAeaeDztDcs2UmzWQXhFrd1sVl4glCWqx1NJCEeaul3j9Ris7tGOrIs%2FFCc4rO65qvDsTNWSuxKWoqQw6Dthdw5KJIWBkqcZx0kEi6HV%2B3RxQH3thCrzx%2FfP4H0%2BIioQ%3D%3D&pcode-icookie=V%2BwMpS6%2FsSNQQxBtX3eh1ZfIdO6OBGr0hcVOY%2FDVMZFWjMQfiS9htXkOBsQHGc%2Fk2CK3GPaYfpWTLRMTmpDu88fkxxg%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=469491465065474&ad-session-id=5702971689527229606&target-id=41008221&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fw1.areturnersmagic.com&top-ancestor-undetermined=0&pcode-version=806742&pcodever=806742&flash-ver=0&layout-config=%7B%22win_width%22%3A728%2C%22win_height%22%3A90%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Atrue%2C%22w%22%3A728%2C%22h%22%3A90%2C%22width%22%3A728%2C%22height%22%3A90%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=0&uniformat=true&callback=Ya%5B1388809741652%5D&hitlogid=4025071364359654992
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
55d9f31aec627a570715f2a8518d511021f0101b0a7b7ca6f370e33580d2a848
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1689527229796486-1373261791583937721-balancer-l7leveler-kubr-yp-sas-154-BAL-5248
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-allow-credentials
true
5715b2738f6cce95878c.js
yastatic.net/partner-code-bundles/806742/ Frame 5B6E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/806742/5715b2738f6cce95878c.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
00c8fcbed47b67ad7cdfabbe08c99f92d1e31efae6d804aa6f2fabd79068bb0a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2081
last-modified
Fri, 14 Jul 2023 14:12:37 GMT
server
nginx/1.17.9
etag
"e8d5b04d9726aee997955f6e12213b08"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 15 Jul 2053 23:42:38 GMT
54561c5500200a130e2e.js
yastatic.net/partner-code-bundles/806742/ Frame 5B6E 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/806742/54561c5500200a130e2e.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
8d876fed1ee72f5837d4002ffdca04926e77278c0e9398282459f4d63525d1c3
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7952
last-modified
Fri, 14 Jul 2023 14:12:37 GMT
server
nginx/1.17.9
etag
"34beb4940e75f30a10b1746a96aef59a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 15 Jul 2053 23:42:20 GMT
bd75356d9a1ff14d2219.js
yastatic.net/partner-code-bundles/806742/ Frame 5B6E 		620 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/806742/bd75356d9a1ff14d2219.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9902d73d9b8e0ccddbbb4ca229ce487a6ac8c12c391ea05b1704726058823846
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
119228
last-modified
Fri, 14 Jul 2023 14:12:38 GMT
server
nginx/1.17.9
etag
"cf2947100e3ac18f3f99ec2beb1b4379"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 15 Jul 2053 23:42:21 GMT
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=3&pid=8de1378c36a049c4b9a45e1d8c508c2d&sizes=[[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[300,100]]&slotid=3b3d6ca3-a46e-46bb-9745-c52d72ea5ab3&demand=unifiedPb&ts=1689527229626
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:09 GMT
/
api.purpleads.io/x/v2/b/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=3&pid=8de1378c36a049c4b9a45e1d8c508c2d&sizes=[[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[300,100]]&slotid=3b3d6ca3-a46e-46bb-9745-c52d72ea5ab3&demand=unifiedPb&ts=1689527229626
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash
19c4179b3c5244055a89f097104e596c752e83fcbf693e30922abc045bad1e79

Request headers

accept-language
de-DE,de;q=0.9
x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
pa-user-id
655d0be2-c726-4415-912c-e0f9af5cf821
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.7

Response headers

date
Sun, 16 Jul 2023 17:07:10 GMT
content-encoding
br
etag
W/"6a5-uPYecrIiH0YUAFzC30uXRyaqhaI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c299f59cc32b145a4a856d8654be666b34a7c07200a5f012514921c35b7fffc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11790
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31076130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 17:07:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E74F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3830
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 16:03:19 GMT
expires
Mon, 15 Jul 2024 16:03:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A03C 		783 B
966 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eab1597125516abc6851199d7255cd4e76f1903d5fcf34e291c29c68289e9822
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EMbE2yHrioE464brH0eWxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-EMbE2yHrioE464brH0eWxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 17:07:09 GMT
expires
Sun, 16 Jul 2023 17:07:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame A03C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=1297263027343578&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame E74F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 15:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
4654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Jul 2024 15:49:35 GMT
vevent
ams3-ib.adnxs-simple.com/ Frame 57D1 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QKvB2yvAwAAAwDWAAUBCLvH0KUGEOCl0unJhOXIIxj_EQF4ASo2Ccam_9Ehi5I_ETyrf4fGnZE_GQAAAGBmZtY_IRESACkRJNgxAAAAoJmZqT8wuc3yCTixSUC1XkjjA1C6iYq2AVjqzmVgAGjurasBeNnzBYABAYoBA1VTRJIBAQbwZZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAt3EAeACjKVI6gIfaHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tL4ADAYgDAJADAJgDFKADAaoDhAMKmgJodA01HHd3LmJpbmcuASvwYWFwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWEyYzkxYzYyLTQzMTItNGZhYS05N2EwLWY3NjkwYjliMTUxOCZjbUV4cElkPUxWMSZvQWRVHUVUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOkloAuHJ0eXBlPW51cmwmdGFnSWQ9MjA3NTIwNTcmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0XgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjU2Mjk5MjU0NzkyNzcyNDc2OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREl6T1RRNU5UWTRNREkwTURZak1qTXpOREU1TkRRMk5qTTBNVEUwTmc9PcADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxOTMuMzIuMjQ4LjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJAAAAAABASkARAAAAwMzMKkCIBQGYBQCgBYXpocXt6O7OG6oFEFFXU05ITjNLTkg2MkZOTkvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWdyVn6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGwo0E2gYWChAFNB0BdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH2fMF0gcNCREpASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=5d24c48f04ecafb4d0e79859d810dc7199c8a316&type=pv&jm=1003&px=800&py=1105&bw=728&bh=90&sf=1&sid=1015942711458341100&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20752057&ft=2
Requested by
Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:10 GMT
an-x-request-uuid
af59a257-052a-4957-8197-7777c41b74dd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.222; 193.32.248.222; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame 57D1
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=17290c1b-355f-4505-8377-125b840d13a3&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=a2c91c62-4312-4faa-97a0-f7690b9b1518&rlin...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ce8d94da482f4a12bf8a3a4da3490b65&tids=15000&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ce8d94da482f4a12bf8a3a4da3490b65&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:f700:9::58dd:5c18 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FD29BEF508BE43D583C43C8FFB9AFB29 Ref B: FRA31EDGE0812 Ref C: 2023-07-16T17:07:10Z
x-cdn-traceid
0.18291202.1689527230.137277f
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 16 Jul 2023 17:07:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C18BF8950416445EA5ABBC8B7277FA95 Ref B: MIL30EDGE1205 Ref C: 2023-07-16T17:07:10Z
x-cdn-traceid
0.18291202.1689527230.13725e8
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ce8d94da482f4a12bf8a3a4da3490b65&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
generate_204
tpc.googlesyndication.com/ Frame E74F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?xeqfVg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame C1A3 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
i
api.purpleads.io/x/a/03c9e87fc2ca3e02f245b90e630eaedb:5a99c601cd629fbeade7372b4ea37c565a4d42ea414a5d7f60d3fc16e40ebaa8635c80d1852d73cad367a34de857a062e70b3f874fb95515e5cf534d23dcb7c86275ec02d645b8c... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/03c9e87fc2ca3e02f245b90e630eaedb:5a99c601cd629fbeade7372b4ea37c565a4d42ea414a5d7f60d3fc16e40ebaa8635c80d1852d73cad367a34de857a062e70b3f874fb95515e5cf534d23dcb7c86275ec02d645b8ce1536139ef1a674c6e1f445e0a4e5438710e33ffd738d574cbeb765d98ac329751b5313c65ece624c7acbd1c2d45f90914472bae5b310949c3d4dd9c48782d3c6ef7f7a7f6c236ff6/i?id=c7e15aa8-e711-4e91-a735-2dbafc16d52b&ts=1689527230290
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Sun, 16 Jul 2023 17:07:10 GMT
i
api.purpleads.io/x/a/03c9e87fc2ca3e02f245b90e630eaedb:5a99c601cd629fbeade7372b4ea37c565a4d42ea414a5d7f60d3fc16e40ebaa8635c80d1852d73cad367a34de857a062e70b3f874fb95515e5cf534d23dcb7c86275ec02d645b8c... 		15 B
247 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/03c9e87fc2ca3e02f245b90e630eaedb:5a99c601cd629fbeade7372b4ea37c565a4d42ea414a5d7f60d3fc16e40ebaa8635c80d1852d73cad367a34de857a062e70b3f874fb95515e5cf534d23dcb7c86275ec02d645b8ce1536139ef1a674c6e1f445e0a4e5438710e33ffd738d574cbeb765d98ac329751b5313c65ece624c7acbd1c2d45f90914472bae5b310949c3d4dd9c48782d3c6ef7f7a7f6c236ff6/i?id=c7e15aa8-e711-4e91-a735-2dbafc16d52b&ts=1689527230290
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash
8063e5a51719c58189c7d5209a5f37b34d14764198145a3f84bfd11c062f11d2

Request headers

accept-language
de-DE,de;q=0.9
x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
pa-user-id
655d0be2-c726-4415-912c-e0f9af5cf821
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.7

Response headers

date
Sun, 16 Jul 2023 17:07:10 GMT
etag
W/"f-lWSD52foMX4qLT82tweJE091S9Q"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
content-length
15
eyJpdSI6ImIzNzFhOTA4Njc1Y2JkM2ViNjAzM2QzMmM5NDFlN2E5NWMyMDlhMDk4MzBmYWIxMTQyZjdhN2VlYjNlNWZkMDgiLCJ3Ijo1MDAsImgiOjM3NSwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame C1A3 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIzNzFhOTA4Njc1Y2JkM2ViNjAzM2QzMmM5NDFlN2E5NWMyMDlhMDk4MzBmYWIxMTQyZjdhN2VlYjNlNWZkMDgiLCJ3Ijo1MDAsImgiOjM3NSwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
df213a34514defe53474b741a6dabc593378f6c5bc500105d14d837d51408f18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:10 GMT
last-modified
Mon, 12 Jun 2023 08:02:32 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=494006
access-control-allow-credentials
false
x-traceid
7caa4a9701faf9d3cfe1af009e74d2c9
timing-allow-origin
*, *
content-length
35242
i
api.purpleads.io/x/a/03c9e87fc2ca3e02f245b90e630eaedb:5a99c601cd629fbeade7372b4ea37c565a4d42ea414a5d7f60d3fc16e40ebaa8635c80d1852d73cad367a34de857a062e70b3f874fb95515e5cf534d23dcb7c86275ec02d645b8c... Frame C1A3 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/03c9e87fc2ca3e02f245b90e630eaedb:5a99c601cd629fbeade7372b4ea37c565a4d42ea414a5d7f60d3fc16e40ebaa8635c80d1852d73cad367a34de857a062e70b3f874fb95515e5cf534d23dcb7c86275ec02d645b8ce1536139ef1a674c6e1f445e0a4e5438710e33ffd738d574cbeb765d98ac329751b5313c65ece624c7acbd1c2d45f90914472bae5b310949c3d4dd9c48782d3c6ef7f7a7f6c236ff6/i?id=c7e15aa8-e711-4e91-a735-2dbafc16d52b
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-32-238.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Sun, 16 Jul 2023 17:07:10 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame C1A3 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=a0d39461560b2cdf78572a9616be7986&pvId=a0d39461560b2cdf78572a9616be7986&sid=9809542&pid=45718&idx=3&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.95 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:10 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
6bc486bbf1a682b429e0cd699610e530
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame C1A3 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=a0d39461560b2cdf78572a9616be7986&position=0
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.95 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:10 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
8be4ebe10223472d5b9b0248c703495e
Content-Length
4
Expires
0
wy150
avatars.mds.yandex.net/get-direct/5263930/QrklzFmAFCV2e6oVXTw3YQ/ Frame 5B6E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5263930/QrklzFmAFCV2e6oVXTw3YQ/wy150
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx /
Resource Hash
8aa80eba48486afcecb8738f2027af0ea8ccfe237b9bc44d337c5d28656423a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:10 GMT
last-modified
Wed, 09 Nov 2022 13:53:44 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
content-length
8238
x-request-id
a87c863dbfdd6ea
nice-loft.ru
favicon.yandex.net/favicon/ Frame 5B6E 		515 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favicon.yandex.net/favicon/nice-loft.ru?size=32&stub=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
542b21b66c0c66650fde4d3d310c50b8a1f572cbdc02f85961d553b82000a6ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
1NOXsD6x0I8200000000U9nJt2FkRBMOoQR5C81FT8x8szlcbdkKjwGm084dJ2Hqxvz9LR7NJYWpf382nJC3-1nRGEAb85xjLI3HohWHICvaN04I0OA5Z5iW38QLZ7nGrbx6TZSEXgDW_bb6aCAhOF8k8uE40CDS9X1xATCD9WQ6jKnH83LC_u7WAHEB9WF3AoQ1k...
bs.yandex.ru/rtbcount/ Frame 5B6E 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.yandex.ru/rtbcount/1NOXsD6x0I8200000000U9nJt2FkRBMOoQR5C81FT8x8szlcbdkKjwGm084dJ2Hqxvz9LR7NJYWpf382nJC3-1nRGEAb85xjLI3HohWHICvaN04I0OA5Z5iW38QLZ7nGrbx6TZSEXgDW_bb6aCAhOF8k8uE40CDS9X1xATCD9WQ6jKnH83LC_u7WAHEB9WF3AoQ1kn_dVG_WOsJGhVVRDfU1ZU4l4ml8OcPM8DdBh0WafpA3Z9ZBp0Io5aWgGAnbbZpGotWLB7SNJ3vbDhtvWUidiuCJFyInBE9MMc27hs1PmRo1vJyCCEv0OXz0OjzacJKJ14xQFsJPyDfZoXxM6_PlMK0UMy3AUv8rU2etsE0Bh0qWmFIL5QJh5okdeOMngQcPYO5f0zlMJOV3EzWQM6QmNJaSl82jxSd-onEFNld2iv8DPk01DeyJRCoFs7Z30rojt2nDqfDCShBCNx91GlE3_KyuQoBx7BNedThix-mti3FjOESvmIxvWBtvsB8LMyvyk-lvWvrd0SSAvXKSMnWtSF3ju62ynO4Hc4yv61WQx7ivGLwOoWaAs0MS3SmhE0itSCO007QSisu0?confirmTime=-1&confirmRatio=1000000&test-tag=469491465065474&format-type=117&actual-format=10&rnd=9752592779221&pcode-active-testids=802013%2C0%2C28&pcode-test-ids-from-count=798897%2C0%2C91%3B805547%2C0%2C19%3B802252%2C0%2C42%3B780720%2C0%2C84%3B798399%2C0%2C92%3B802999%2C0%2C96%3B805963%2C0%2C30%3B801975%2C0%2C58%3B798890%2C0%2C91%3B799397%2C0%2C9%3B802013%2C0%2C28%3B800949%2C0%2C82%3B806742%2C0%2C81%3B681841%2C0%2C76&banner-sizes=eyI3MjA1NzYwNzU3NzEwNzI5OSI6IjcyOHg5MCJ9&width=728&height=90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 16 Jul 2023 17:07:10 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 16 Jul 2023 17:07:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=1297263027343578&bg=!ubqluu7NAAb90kgr3dI7ADkAdvg8Wnj8rtvVc41KUgRcjYobz85lLp33AHVKL6fK0MxmUsyhLzrdNfKztubetWdPdSt98x36-L0CAAAAm1IAAABKaAEHCgCYEneemDq3zZzXMxoi2zfvwf2kCp2YbNtLWzQ4QnP6B97m3UsA5Gcco5bbRV1L5ouLyoQQOZ-GOJFg2nIGqyJ9DaW44RZkEytXngNX_oMcSE4dthks9XsohP6WdA0GIFdIi8L-oVWmSRqwoPOcpFdi_G-3Rs5rmqaNg8fhJGgfRhASgnTJPRoNyKLiZoRvkzjiSVN_094HU2OZAqr5HZST3Ox8NU7xYZoKdL5ngNHhWLFzILbUMwRiKsg-mgtFT8nBRMGbrZoTjxzsfI6SHu3MtcSXlcNBQFty0wRnk7_7NoaLhCyu1aowXKQiUyXk6Cr5JPBgOSYEelfTlcw4hq1Z7JdFQxCNdfuwlDdtrZG0ON1R9aFmmQcnyH7j7Go4_g1r5zPNPokEcWN0ROfLGud6XWqtUp2y3WhkbvagktOQU0M4d5GEes181BCXAvC8DJepU1jDevOL_3tIQ24-0P_F0TLyOG7RT__-WGbTwKluTfwum19Ly-x2X1FJegEh1iStqAyvxnMUMW9x8t0a-lfU_8do5vEtdGBRp3ClZq9e5QfsjBXhSER5vX5V7rAO_7iHNYciSl-Hy5zDj9_xI0f34HB2M5t3UfeB6AqIcj-j6oK4iRj_tpxGg8SkanaDSoNf0suLfbFBW951W68e2U-8wGREQaewjxHQZaCDEaSJs9A0rUUNR9vteYJjK9dzFrnbBbPHIvxhQ_6Wvo__VA5pgvWiD79CkHgqe2CKEoO6YpU0kZ99WUWZxGZXUGIDu4u0dAUG89UrVnu8PnjyetWUHynUWIukTIHmWlBY_B_3NDVqtxp8lPjjC45UeP_Gtp_4-lEx5Y0plvXhkF1NltdyrT3512OssNEaOBFyt8ZP18_pHJJJtSJproBbXSsE0fRqEwHjJo-eQ4PudgNnMyHSg7rBtggyQFjQ6YJanjiYv9qQrspBO1PLTNGVNqP6kUluKtASXLnS1fVd1oKOn9IlgHmHW12cmIh5jNNzUqNH00qrdzSS5WnKzANgdLlfaPkfakzZ6L57rYRc8aAsx1ZRk9L7aP3dAoaiMd4mXfvsbT4C783oN5-MZGPP_KJKy9Sy3GH2IGBLqUWfvrsxLudDs5bkIme4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
iframe
cs.admanmedia.com/ Frame 5A70 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 16 Jul 2023 17:07:11 GMT
Server
nginx
Transfer-Encoding
chunked
isyn
prebid.a-mo.net/ Frame 33B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sun, 16 Jul 2023 17:07:10 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
sync.html
public.servenobid.com/ Frame B2DD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29164
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 16 Jul 2023 11:05:03 GMT
etag
W/"481f0eb11193eeaea6a690e5c66c57a4"
last-modified
Wed, 07 Jun 2023 17:56:33 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-id
Ye6qrYJv3R9kexulyyZ_RsoKViq4RhLvjx5TrB77ROVEOcNHLtVWAA==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0c92ffba-51e2-4731-859f-5f9f5816d5c0
x-amz-meta-codebuild-content-md5
0784681e688ba45904ac0a64aa0b0a6b
x-amz-meta-codebuild-content-sha256
956b79d89029f14eaea1f363768b0942a0576bc42557ef6c8f6cc53fdc4d8515
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
prebid
b1h-euc1.zemanta.com/usersync/ Frame 2FB0 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:11 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
13926
g2.gumgum.com/usync/ Frame 3574 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.205.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-205-5.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
45118c26b74b8194dfc3fd248241e4849e89ae15d8c9f69b05562abde33d54ba

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 16 Jul 2023 17:07:11 GMT
etag
W/"0f3288202b7647115d78416928c80a5fc"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 63EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame E269 		876 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6831e309a4dd65b8dda9edccec264a8817f9d89b1c241db9be67458e2c46f452

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
876
content-type
text/html
date
Sun, 16 Jul 2023 17:07:10 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1AE5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
1b748fe08136f43cfd413a9d99de5b721cc5ce2d53706babe4496638c1e0dad7

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1976
Content-Type
text/html
Date
Sun, 16 Jul 2023 17:07:11 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sun, 16 Jul 2023 17:07:11 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 39A7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Jul 2023 17:07:11 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 16 Jul 2023 17:07:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B973 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25130
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 16 Jul 2023 17:07:11 GMT
expires
Mon, 17 Jul 2023 00:06:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame A3EB 		0
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sun, 16 Jul 2023 17:07:11 GMT
server
istio-envoy
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id
moQFVy8HIroCBsjdaA4vbDC6XCic0Psb8UIPLsZ_sJ58S38Mi6c7zA==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 1F69 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sun, 16 Jul 2023 17:07:11 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 3A1F 		0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.174.190.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-190-28.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sun, 16 Jul 2023 17:07:11 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
usersync.html
ad-cdn.technoratimedia.com/html/ Frame C8D4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
e40158b722a1dd6f4126a32292e5281e026c3a011124aaaa31911292aeebb4d3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
174
cache-control
max-age=900
content-encoding
gzip
content-length
5982
content-md5
LEKRb+dDodMGZNnV5iGn5Q==
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 17:07:11 GMT
etag
0230cb2d-7adc-4c08-b347-25a3ff3af06b
expires
Sun, 16 Jul 2023 17:22:11 GMT
last-modified
Fri, 14 Jul 2023 17:12:37 GMT
opc-request-id
iad-1:kDao8cDdqwhN2QOjeom5A1ct9CzE-Kf-2n5Vt-w_3hmcBY1Sm2EiVmA1hiU2G2E8
server
ECAcc (frc/4CFA)
storage-tier
Standard
vary
Accept-Encoding
version-id
cfdc7a77-2051-4994-ba67-f5c4beb2cdc2
x-api-id
native
x-cache
HIT
sync
ads.servenobid.com/ Frame B2DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
  • https://ads.servenobid.com/sync?pid=312&uid=1703393660974163132
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1703393660974163132
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
an-x-request-uuid
20f05eac-a20d-4c6f-9624-45ea71caf7b7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=1703393660974163132
x-proxy-origin
193.32.248.222; 193.32.248.222; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame B2DD
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=G_cDtRZH7KXJ5lahTsyJNhWl
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=G_cDtRZH7KXJ5lahTsyJNhWl
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=G_cDtRZH7KXJ5lahTsyJNhWl
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame B2DD 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 16 Jul 2023 17:07:11 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame B2DD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1689527231600
  • https://ad.turn.com/r/cs?pid=45&rndcb=5943410751
  • https://sync.1rx.io/usersync/turn/2346221417666266858?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-beb6e022-1668-478f-8c2e-cd407d37b339-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-beb6e022-1668-478f-8c2e-cd407d37b339-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-beb6e022-1668-478f-8c2e-cd407d37b339-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-beb6e022-1668-478f-8c2e-cd407d37b339-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-beb6e022-1668-478f-8c2e-cd407d37b339-003
date
Sun, 16 Jul 2023 17:07:11 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXbeb6e0221668478f8c2ecd407d37b339003
content-type
text/html
sync
ads.servenobid.com/ Frame B2DD
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5107433828863579194
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5107433828863579194
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5107433828863579194
Date
Sun, 16 Jul 2023 17:07:11 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame B2DD 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:11 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-133
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame B2DD
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
occ
ups.analytics.yahoo.com/ups/58559/ Frame B2DD 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58559/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame B2DD
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-8cc47e64-1532-3073-ae1b-917c140e6f54
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-8cc47e64-1532-3073-ae1b-917c140e6f54
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-8cc47e64-1532-3073-ae1b-917c140e6f54
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame B2DD 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58632/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame B2DD 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.140.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-140-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
sync
ads.servenobid.com/ Frame B2DD
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 16 Jul 2023 17:07:11 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sun, 16 Jul 2023 17:07:11 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B973 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71817244&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
83ab2b60ef63aa7eb84bde32443c900795f1988860ca207535d3fc39b4d3ee02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 16 Jul 2023 17:07:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame 3574
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1703393660974163132
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1703393660974163132
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
an-x-request-uuid
00437892-c68a-4601-b598-f535690db4e7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=1703393660974163132
x-proxy-origin
193.32.248.222; 193.32.248.222; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3574
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=356a0356-b8dd-4c4b-8b30-caff3016ad84&user_group=1&ssp=gumgum2&bsw_param=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f
  • https://usersync.gumgum.com/usersync?b=bsw&i=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 16 Jul 2023 17:07:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame 3574
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28l2D_px-lTD5gfds4rUVVD4iFMpI3BVBDF5ddscQhI3AcNaGCSmRJwHM-dlOMPIc0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&obuid=ENC(l2D_px-lTD5gfds4rUVVD4iFMpI3BVBDF5ddscQhI3AcNaGCSmRJwHM-dlOMPIc0...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.74.236.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
no-cache
X-TraceId
a7cbe0eba3851bef3910cd485dce7534
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Sun, 16 Jul 2023 17:07:12 GMT
X-TraceId
24e6fa41d36d54a485e86f4e5b0d43b0
Content-Length
0
usersync
usersync.gumgum.com/ Frame 3574
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=7ccf147b-be40-42b0-afe1-05916dd5b74b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=7ccf147b-be40-42b0-afe1-05916dd5b74b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 16 Jul 2023 17:07:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=7ccf147b-be40-42b0-afe1-05916dd5b74b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 3574
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-509fb14b-441d-5aff-7690-ac8d91ea7349$ip$193.32.248.222
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-509fb14b-441d-5aff-7690-ac8d91ea7349$ip$193.32.248.222
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-509fb14b-441d-5aff-7690-ac8d91ea7349$ip$193.32.248.222
Date
Sun, 16 Jul 2023 17:07:12 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 3574 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:4d2e:1255:2706:70af Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 3574
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=f0a7105c-b31e-493c-9bbf-f52d940d3386
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=f0a7105c-b31e-493c-9bbf-f52d940d3386
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=f0a7105c-b31e-493c-9bbf-f52d940d3386
Date
Sun, 16 Jul 2023 17:07:12 GMT
Connection
keep-alive
X-CI-RTID
7f35f75b-1fbb-48c9-9dc2-c6e26b80ff38
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3574
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 16 Jul 2023 17:07:11 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
799786875
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 3574 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 3574
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=cx0gUpUFTRqfRChG1oDZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Y3YGBTVK4CVIZKFE4LGKJBWQRZRN5CFU...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=cx0gUpUFTRqfRChG1oDZ&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=cx0gUpUFTRqfRChG1oDZ&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=cx0gUpUFTRqfRChG1oDZ&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3574
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=af8ef094-3336-417b-b157-4a6cafeb9aa5
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=af8ef094-3336-417b-b157-4a6cafeb9aa5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=af8ef094-3336-417b-b157-4a6cafeb9aa5
access-control-allow-origin
*
date
Sun, 16 Jul 2023 17:07:12 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 3574
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=sCezRsQ8U64z&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=sCezRsQ8U64z&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=sCezRsQ8U64z&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-568697f4c9-v7lr7
expires
-1
usersync
usersync.gumgum.com/ Frame 3574
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5945908886327755583
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5945908886327755583
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5945908886327755583
date
Sun, 16 Jul 2023 17:07:11 GMT
content-length
0
sync
ads.servenobid.com/ Frame 3574 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame C8D4
Redirect Chain
  • https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99
  • https://ads.servenobid.com/sync?pid=362&uid=GDPR
0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=362&uid=GDPR
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

date
Sun, 16 Jul 2023 17:07:11 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
802233912
location
https://ads.servenobid.com/sync?pid=362&uid=GDPR
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 8EC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZLQjvwABU1BsXQAb
  • https://usersync.gumgum.com/usersync?b=atm&i=ZLQjvwABU1BsXQAb&gdpr=0&gdpr_consent=&_test=ZLQjvwABU1BsXQAb
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZLQjvwABU1BsXQAb&gdpr=0&gdpr_consent=&_test=ZLQjvwABU1BsXQAb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 16 Jul 2023 17:07:11 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZLQjvwABU1BsXQAb&gdpr=0&gdpr_consent=&_test=ZLQjvwABU1BsXQAb
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230046-FRA
x-timer
S1689527232.900644,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame E54B 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYWI0YTRiNi1hNThjLTQyNTQtOGFiZS01NDU1NTYzNWRkYmI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 17:07:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 104C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25130
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 16 Jul 2023 17:07:11 GMT
expires
Mon, 17 Jul 2023 00:06:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 9717 		70 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 16 Jul 2023 17:07:11 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame E82D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZLQjwMCo5tIAAIloUlcAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZLQjwMCo5tIAAIloUlcAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 16 Jul 2023 17:07:12 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZLQjwMCo5tIAAIloUlcAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40216.dc2p.scaleout.jp
X-SO-IP
193.32.248.222
X-SO-Key
ZLQjwMCo5tIAAIloUlcAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZLQjwMCo5tIAAIloUlcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40216"}
X-SO-LB-Hostname
a-tgng40014.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40216
gumgum
cs.admanmedia.com/sync/ Frame 2509 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 16 Jul 2023 17:07:11 GMT
Server
nginx
Transfer-Encoding
chunked
usermatchredir
ssum-sec.casalemedia.com/ Frame C593 		43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:11 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 3DB9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=PCx90RSeVwCBgeJM2NCs&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=PCx90RSeVwCBgeJM2NCs&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 16 Jul 2023 17:07:11 GMT Sun, 16 Jul 2023 17:07:11 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=PCx90RSeVwCBgeJM2NCs&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame D4F5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Jul 2023 17:07:11 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 16 Jul 2023 17:07:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usermatchredir
ssum-sec.casalemedia.com/ Frame 1AE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKnsR7mRHOeLMvuGxgnBv0&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKnsR7mRHOeLMvuGxgnBv0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKnsR7mRHOeLMvuGxgnBv0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1AE5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLQjv0Rt8zi6KxDvRkE53QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMVGNy7CkQgKBxdTvijVS0Y&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMVGNy7CkQgKBxdTvijVS0Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMVGNy7CkQgKBxdTvijVS0Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1AE5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 1AE5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8VD5G4V9RXV7PYMF1HWE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D0P2N5MA5WNSTM2889JH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1AE5
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bcd7fc83-2bf0-4fbd-b52a-12e3abe9c3b7
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bcd7fc83-2bf0-4fbd-b52a-12e3abe9c3b7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bcd7fc83-2bf0-4fbd-b52a-12e3abe9c3b7
date
Sun, 16 Jul 2023 17:07:11 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
362358.gif
idsync.rlcdn.com/ Frame 1AE5
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZLQjv0Rt8zi6KxDvRkE53QAA%265181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZLQjv0Rt8zi6KxDvRkE53QAA%265181&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a49bc3846e8d41d3bd0b6d21d42997fd
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a49bc384-6e8d-41d3-bd0b-6d21d42997fd
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=19b41951-2ebb-4c46-9ee0-37466dd20337%3A1689527233.0246456&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D19b41951-2ebb-4c46-9ee0-37466dd...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433828863579194&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D19b41951-2ebb-4c46-9e...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=19b41951-2ebb-4c46-9ee0-37466dd20337%3A1689527233.0246456&_=1689527233.1149983
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjcxOWI0MTk1MS0yZWJiLTRjNDYtOWVlMC0zNzQ2NmRkMjAzMzc6MTY4OTUyNzIzMy4wMjQ2NDU2EAAaDQjBx9ClBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELhzbYQMAdTkf2ib1MvVIRI&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELhzbYQMAdTkf2ib1MvVIRI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:13 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELhzbYQMAdTkf2ib1MvVIRI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 1AE5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1703393660974163132
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1703393660974163132
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
an-x-request-uuid
f5ec64aa-fb14-4780-8c5e-386b5c92e2a4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1703393660974163132
x-proxy-origin
193.32.248.222; 193.32.248.222; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1AE5
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3e286a4-3246-4601-bb57-003d324d1067&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3e286a4-3246-4601-bb57-003d324d1067&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:11 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3e286a4-3246-4601-bb57-003d324d1067&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sun, 16 Jul 2023 17:07:11 GMT
server
_
content-length
0
sync
ads.servenobid.com/ Frame 1AE5 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame E269 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5945908886327755583&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame E269
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7256464202877761691&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7256464202877761691&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7256464202877761691&gdpr=0&gdpr_consent=
Date
Sun, 16 Jul 2023 17:07:11 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/ Frame E269
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2407763652132818904&gdpr=0&gdpr_consent=
43 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2407763652132818904&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2407763652132818904&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
wt.rqtrk.eu/ Frame E269
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=5945908886327755583&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=5945908886327755583&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
141.95.32.71 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
haproxy-eu-006.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
4
content-length
43
expires
Sun, 16 Jul 2023 17:07:11 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=5945908886327755583&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
b1sync.zemanta.com/usersync/smart/ Frame E269 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:12 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 3849 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 17:07:11 GMT
expires
Sun, 16 Jul 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
189033
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame E8CD
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4269914026473427936
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4269914026473427936
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4269914026473427936
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame A216
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433828863579194
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433828863579194
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 16 Jul 2023 17:07:11 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433828863579194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1F89
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
S83DYAN4HAMMRF5ZXE45

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 16 Jul 2023 17:07:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DEB8DH2FRC6M96RX4S9X
Pug
image2.pubmatic.com/AdServer/ Frame C234
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=i3OarY90mv-QI8j4iHHV_dh1wauQJJv92yEjSU8X
42 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=i3OarY90mv-QI8j4iHHV_dh1wauQJJv92yEjSU8X
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 16 Jul 2023 17:07:11 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=i3OarY90mv-QI8j4iHHV_dh1wauQJJv92yEjSU8X
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
sync
ads.servenobid.com/ Frame D276 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 16 Jul 2023 17:07:11 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B973
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4av8uxe4TeK4mP5AW3uUpg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=25130
accept-ranges
bytes
content-length
5606
expires
Mon, 17 Jul 2023 00:06:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame B973 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.109.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-109-107.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.27.147
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame B973
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2557823176
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
via
1.1 google
last-modified
Sun, 16 Jul 2023 17:07:12 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
date
Sun, 16 Jul 2023 17:07:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
match
a.audrte.com/ Frame B973 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.60.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-60-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTFBQkZDQkItMTdCOC00REUyLUI4OTgtRkU0MDVCN0I5NEE2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENNcrjXqx5_tosHvYqkKtC8&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENNcrjXqx5_tosHvYqkKtC8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENNcrjXqx5_tosHvYqkKtC8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B973 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 15 Jul 2023 17:07:11 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6515876097282188256
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6515876097282188256
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6515876097282188256
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame B973 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.js
eus.rubiconproject.com/ Frame 39A7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cc790a10c17f5c951fd0dd8dbcb9ed7a583704662cd9c78c80a13169edb56d0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Jul 2023 06:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48976
Connection
keep-alive
Content-Length
10114
Expires
Mon, 17 Jul 2023 06:43:27 GMT
usync.js
eus.rubiconproject.com/ Frame D4F5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cc790a10c17f5c951fd0dd8dbcb9ed7a583704662cd9c78c80a13169edb56d0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Jul 2023 06:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48976
Connection
keep-alive
Content-Length
10114
Expires
Mon, 17 Jul 2023 06:43:27 GMT
khaos.jpg
token.rubiconproject.com/ Frame D4F5 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 39A7 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 39A7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
iframe
cs.admanmedia.com/ Frame 9D41 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 16 Jul 2023 17:07:12 GMT
Server
nginx
Transfer-Encoding
chunked
sync.html
public.servenobid.com/ Frame 2E85 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29165
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 16 Jul 2023 11:05:03 GMT
etag
W/"481f0eb11193eeaea6a690e5c66c57a4"
last-modified
Wed, 07 Jun 2023 17:56:33 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-id
-UjHpWvryBObqPvdv-Khg_jswZiCccx30cle4uDb-i0dh5X1lWwjhg==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0c92ffba-51e2-4731-859f-5f9f5816d5c0
x-amz-meta-codebuild-content-md5
0784681e688ba45904ac0a64aa0b0a6b
x-amz-meta-codebuild-content-sha256
956b79d89029f14eaea1f363768b0942a0576bc42557ef6c8f6cc53fdc4d8515
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
isyn
prebid.a-mo.net/ Frame CDF5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sun, 16 Jul 2023 17:07:12 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
prebid
b1h-euc1.zemanta.com/usersync/ Frame BF8D 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-07-11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:12 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
13926
g2.gumgum.com/usync/ Frame E4F4 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.205.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-205-5.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
45118c26b74b8194dfc3fd248241e4849e89ae15d8c9f69b05562abde33d54ba

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 16 Jul 2023 17:07:12 GMT
etag
W/"0f3288202b7647115d78416928c80a5fc"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 3D13 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 2054 		855 B
921 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
735c6647be79a57ed6a415de4ed44961b02599b9475e6d0506f6017240744129

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
855
content-type
text/html
date
Sun, 16 Jul 2023 17:07:12 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 806E 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
0b370792a8ddbd5ece7e5b25df962a4eee453a66261d8be93836216a2a649395

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1776
Content-Type
text/html
Date
Sun, 16 Jul 2023 17:07:12 GMT
Expires
0
Keep-Alive
timeout=1, max=496
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 29CF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Jul 2023 17:07:12 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 16 Jul 2023 17:07:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CB9E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25129
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 16 Jul 2023 17:07:12 GMT
expires
Mon, 17 Jul 2023 00:06:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 6CC2 		0
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sun, 16 Jul 2023 17:07:12 GMT
server
istio-envoy
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id
vt738yokEQf9CtDF9wxOojOmJAfa-z1BSSf7BOuZjJZI3qDXiFdpKA==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 7169 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sun, 16 Jul 2023 17:07:12 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame EBD2 		0
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.174.190.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-190-28.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sun, 16 Jul 2023 17:07:12 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 7919 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
e40158b722a1dd6f4126a32292e5281e026c3a011124aaaa31911292aeebb4d3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
175
cache-control
max-age=900
content-encoding
gzip
content-length
5982
content-md5
LEKRb+dDodMGZNnV5iGn5Q==
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 17:07:12 GMT
etag
0230cb2d-7adc-4c08-b347-25a3ff3af06b
expires
Sun, 16 Jul 2023 17:22:12 GMT
last-modified
Fri, 14 Jul 2023 17:12:37 GMT
opc-request-id
iad-1:kDao8cDdqwhN2QOjeom5A1ct9CzE-Kf-2n5Vt-w_3hmcBY1Sm2EiVmA1hiU2G2E8
server
ECAcc (frc/4CFA)
storage-tier
Standard
vary
Accept-Encoding
version-id
cfdc7a77-2051-4994-ba67-f5c4beb2cdc2
x-api-id
native
x-cache
HIT
sync
ads.servenobid.com/ Frame 2E85
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1703393660974163132
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1703393660974163132
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
an-x-request-uuid
8b372606-d4a6-4b01-876c-9108dc14b041
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=1703393660974163132
x-proxy-origin
193.32.248.222; 193.32.248.222; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 2E85
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=G_cDtRZH7KXJ5lahTsyJNhWl
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=G_cDtRZH7KXJ5lahTsyJNhWl
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=G_cDtRZH7KXJ5lahTsyJNhWl
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 2E85 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 16 Jul 2023 17:07:12 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame 2E85
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1614270571
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1614270571
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
etag
RXbeb6e0221668478f8c2ecd407d37b339003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1614270571
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 2E85
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5107433828863579194
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5107433828863579194
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5107433828863579194
Date
Sun, 16 Jul 2023 17:07:12 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 2E85 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-133
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 2E85
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
occ
ups.analytics.yahoo.com/ups/58559/ Frame 2E85 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58559/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 2E85
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-8cc47e64-1532-3073-ae1b-917c140e6f54
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-8cc47e64-1532-3073-ae1b-917c140e6f54
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-8cc47e64-1532-3073-ae1b-917c140e6f54
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
cache-control
no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame 2E85 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58632/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 2E85 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.140.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-140-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
sync
ads.servenobid.com/ Frame 2E85
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 16 Jul 2023 17:07:12 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sun, 16 Jul 2023 17:07:12 GMT
casale
match.adsrvr.org/track/cmf/ Frame 806E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 806E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKnsR7mRHOeLMvuGxgnBv0&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKnsR7mRHOeLMvuGxgnBv0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKnsR7mRHOeLMvuGxgnBv0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 806E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLQjv0Rt8zi6KxDvRkE53QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMVGNy7CkQgKBxdTvijVS0Y&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMVGNy7CkQgKBxdTvijVS0Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMVGNy7CkQgKBxdTvijVS0Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 806E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X6S2NRZYACXNDBAC6Z40
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 806E
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3e286a4-3246-4601-bb57-003d324d1067&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3e286a4-3246-4601-bb57-003d324d1067&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3e286a4-3246-4601-bb57-003d324d1067&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sun, 16 Jul 2023 17:07:12 GMT
server
_
content-length
0
rum
dsum.casalemedia.com/ Frame 806E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=95af5e9b-164e-44d5-a36a-f4e292821a1c&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 16 Jul 2023 17:07:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rum
dsum.casalemedia.com/ Frame 806E
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1689613632
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1689613632
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1689613632
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
bridge
cm.adgrx.com/ Frame 806E 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
sync
ads.servenobid.com/ Frame 806E 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 2054 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5945908886327755583&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
genericusersync.ashx
sync.tidaltv.com/ Frame 2054 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b002:5b08:cd2d:1e37:b69e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 2054
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f3e286a4-3246-4601-bb57-003d324d1067&gdpr_consent=null&gdpr=0
43 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f3e286a4-3246-4601-bb57-003d324d1067&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:11 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f3e286a4-3246-4601-bb57-003d324d1067&gdpr_consent=null&gdpr=0
date
Sun, 16 Jul 2023 17:07:12 GMT
server
_
content-length
0
/
b1sync.zemanta.com/usersync/smart/ Frame 2054 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:12 GMT
v1
match.sharethrough.com/sync/ Frame 2054
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5945908886327755583&gdpr=0&gdpr_consent=
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5945908886327755583&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
18.195.140.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-140-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5945908886327755583&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
usersync.gumgum.com/ Frame E4F4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1703393660974163132
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1703393660974163132
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:12 GMT
an-x-request-uuid
ecdedb3b-f205-4f27-8081-1568acfa54b2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=1703393660974163132
x-proxy-origin
193.32.248.222; 193.32.248.222; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame E4F4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=lnPW65J01rmNI4S-lXGZu8V1je2NJNe7xiEaUJF_
  • https://usersync.gumgum.com/usersync?b=bsw&i=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 16 Jul 2023 17:07:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame E4F4
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28l2D_px-lTD5gfds4rUVVD4iFMpI3BVBDF5ddscQhI3AcNaGCSmRJwHM-dlOMPIc0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&obuid=ENC(l2D_px-lTD5gfds4rUVVD4iFMpI3BVBDF5ddscQhI3AcNaGCSmRJwHM-dlOMPIc0...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.74.236.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:13 GMT
Cache-Control
no-cache
X-TraceId
b4cf10c4468fa84ce80f12a7a164b2f3
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Sun, 16 Jul 2023 17:07:13 GMT
X-TraceId
365972746c2cb56abf374d8b1f6062aa
Content-Length
0
usersync
usersync.gumgum.com/ Frame E4F4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=7ccf147b-be40-42b0-afe1-05916dd5b74b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=7ccf147b-be40-42b0-afe1-05916dd5b74b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 16 Jul 2023 17:07:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=7ccf147b-be40-42b0-afe1-05916dd5b74b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame E4F4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-509fb14b-441d-5aff-7690-ac8d91ea7349$ip$193.32.248.222
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-509fb14b-441d-5aff-7690-ac8d91ea7349$ip$193.32.248.222
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-509fb14b-441d-5aff-7690-ac8d91ea7349$ip$193.32.248.222
Date
Sun, 16 Jul 2023 17:07:12 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame E4F4 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:4d2e:1255:2706:70af Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame E4F4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=f0a7105c-b31e-493c-9bbf-f52d940d3386
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=f0a7105c-b31e-493c-9bbf-f52d940d3386
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=f0a7105c-b31e-493c-9bbf-f52d940d3386
Date
Sun, 16 Jul 2023 17:07:12 GMT
Connection
keep-alive
X-CI-RTID
883f9dea-1c04-4437-8b44-52e2fc67d9c7
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E4F4
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 16 Jul 2023 17:07:12 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
800568201
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame E4F4 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:11 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame E4F4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=cx0gUpUFTRqfRChG1oDZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Y3YGBTVK4CVIZKFE4LGKJBWQRZRN5CFU...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=cx0gUpUFTRqfRChG1oDZ&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=cx0gUpUFTRqfRChG1oDZ&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=cx0gUpUFTRqfRChG1oDZ&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame E4F4
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=af8ef094-3336-417b-b157-4a6cafeb9aa5
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=af8ef094-3336-417b-b157-4a6cafeb9aa5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=af8ef094-3336-417b-b157-4a6cafeb9aa5
access-control-allow-origin
*
date
Sun, 16 Jul 2023 17:07:12 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame E4F4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=y4B8za6tVv1J&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=y4B8za6tVv1J&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=y4B8za6tVv1J&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-568697f4c9-v7lr7
expires
-1
usersync
usersync.gumgum.com/ Frame E4F4
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5945908886327755583
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5945908886327755583
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 16 Jul 2023 17:07:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5945908886327755583
date
Sun, 16 Jul 2023 17:07:12 GMT
content-length
0
sync
ads.servenobid.com/ Frame E4F4 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame C2F1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZLQjvwABU1BsXQAb&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZLQjvwABU1BsXQAb&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 16 Jul 2023 17:07:12 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZLQjvwABU1BsXQAb&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230046-FRA
x-timer
S1689527232.319571,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame E085 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYWI0YTRiNi1hNThjLTQyNTQtOGFiZS01NDU1NTYzNWRkYmI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 17:07:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D59D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25129
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 16 Jul 2023 17:07:12 GMT
expires
Mon, 17 Jul 2023 00:06:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame C0F3 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 16 Jul 2023 17:07:12 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 0F3E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZLQjwMCo5tAAAO2JsdAAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZLQjwMCo5tAAAO2JsdAAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 16 Jul 2023 17:07:12 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZLQjwMCo5tAAAO2JsdAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad68.dc4p.scaleout.jp
X-SO-IP
193.32.248.222
X-SO-Key
ZLQjwMCo5tAAAO2JsdAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZLQjwMCo5tAAAO2JsdAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad68"}
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad68
gumgum
cs.admanmedia.com/sync/ Frame FFF1 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 16 Jul 2023 17:07:12 GMT
Server
nginx
Transfer-Encoding
chunked
usermatchredir
ssum-sec.casalemedia.com/ Frame 5912 		43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:12 GMT
Expires
0
Keep-Alive
timeout=1, max=495
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 7B4A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=PCx90RSeVwCBgeJM2NCs&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=PCx90RSeVwCBgeJM2NCs&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 16 Jul 2023 17:07:12 GMT Sun, 16 Jul 2023 17:07:12 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=PCx90RSeVwCBgeJM2NCs&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame FBCD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Jul 2023 17:07:12 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 16 Jul 2023 17:07:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 29CF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cc790a10c17f5c951fd0dd8dbcb9ed7a583704662cd9c78c80a13169edb56d0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:12 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Jul 2023 06:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48975
Connection
keep-alive
Content-Length
10114
Expires
Mon, 17 Jul 2023 06:43:27 GMT
sync
ads.servenobid.com/ Frame 7919
Redirect Chain
  • https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99
  • https://ads.servenobid.com/sync?pid=362&uid=GDPR
0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=362&uid=GDPR
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

date
Sun, 16 Jul 2023 17:07:12 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
800929875
location
https://ads.servenobid.com/sync?pid=362&uid=GDPR
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true
content-length
0
khaos.jpg
token.rubiconproject.com/ Frame 29CF 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame FBCD 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cc790a10c17f5c951fd0dd8dbcb9ed7a583704662cd9c78c80a13169edb56d0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 17:07:12 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Jul 2023 06:42:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48975
Connection
keep-alive
Content-Length
10114
Expires
Mon, 17 Jul 2023 06:43:27 GMT
khaos.jpg
token.rubiconproject.com/ Frame FBCD 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
SPug
simage4.pubmatic.com/AdServer/ Frame B973 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 104C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94100080&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
989ec007d495c0537f3ba03cdce123ce8fdf2485276c8346a747e00348c3ce3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 16 Jul 2023 17:07:14 GMT
content-length
1882
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame B973 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93328238&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
989ec007d495c0537f3ba03cdce123ce8fdf2485276c8346a747e00348c3ce3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 16 Jul 2023 17:07:14 GMT
content-length
1882
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 9321 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 16 Jul 2023 17:07:14 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 378E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1703393660974163132&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1703393660974163132&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
6c9dc4c0-dd30-43f8-947a-a4f22c694289
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 17:07:14 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1703393660974163132&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
193.32.248.222; 193.32.248.222; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 659A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256464202877761691&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256464202877761691&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 16 Jul 2023 17:07:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256464202877761691&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
t.adx.opera.com/pub/ Frame AAE9 		0
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 16 Jul 2023 17:07:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 5979
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UJ-xS0QdWv92kKyNkepzScEg-N4&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UJ-xS0QdWv92kKyNkepzScEg-N4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 16 Jul 2023 17:07:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UJ-xS0QdWv92kKyNkepzScEg-N4&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame F1E7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbXprN0phRWdBQUNRZ1JDTEZUQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEF6U7JaEgAACSXVPokZg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEF6U7JaEgAACSXVPokZg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEF6U7JaEgAACSXVPokZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5945908886327755583&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEF6U7JaEgAACSXVPokZg&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEF6U7JaEgAACSXVPokZg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 16 Jul 2023 17:07:15 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEF6U7JaEgAACSXVPokZg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 0A7D 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:14 GMT
Expires
0
Pragma
no-cache
mw
mwzeom.zeotap.com/ Frame 104C 		95 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:14 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7e7bd721efb64d64-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 104C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:26 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:26 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 104C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 104C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:4d2e:1255:2706:70af Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 104C 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
odr.mookie1.com/t/v2/ Frame 104C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&ssp=pubmatic&gdpr=0&gdpr_consent=
42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&ssp=pubmatic&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.160.236.64 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:14 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&ssp=pubmatic&gdpr=0&gdpr_consent=
date
Sun, 16 Jul 2023 17:07:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 104C 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:14 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 104C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2346221417666266858&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2346221417666266858&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 17:07:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2346221417666266858&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
mw
mwzeom.zeotap.com/ Frame B973 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:14 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7e7bd721efb74d64-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame B973
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:26 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:26 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame B973
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a71fe07cbb0448e9/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://spl.zeotap.com/?zdid=1332&zcluid=985e072f1c5ca953
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cac2e330-0e9f-43b4-5f05-4c0964e44ca9&reqId=0438fea6-947c-483d-5e6c-e277c559344a&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGt4xYCfmAkuO4E2mAW0eX4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cac2e330-0e9f-43b4-5f05-4c0964e44ca9&reqId=0438fea6-947c-483d-5e6c-e27...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGt4xYCfmAkuO4E2mAW0eX4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cac2e330-0e9f-43b4-5f05-4c0964e44ca9&reqId=0438fea6-947c-483d-5e6c-e277c559344a&zcluid=985e072f1c5ca953&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:15 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7e7bd72389f14d64-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGt4xYCfmAkuO4E2mAW0eX4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cac2e330-0e9f-43b4-5f05-4c0964e44ca9&reqId=0438fea6-947c-483d-5e6c-e277c559344a&zcluid=985e072f1c5ca953&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 6579 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 16 Jul 2023 17:07:14 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C0AA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1703393660974163132&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1703393660974163132&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
53bcc2c3-a0f5-4bc1-a755-0a4ca6af899e
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 17:07:14 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1703393660974163132&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
193.32.248.222; 193.32.248.222; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B973 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:4d2e:1255:2706:70af Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame B973 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 17:07:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjCx9ClBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEDZFPmQj-xHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJGNlYzdlMmY3LWViMTgtNGU0MS04Y2FlLTE1ZGFiYmVmMWI2Zg**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=36453e64-23fb-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 17:07:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cec7e2f7-eb18-4e41-8cae-15dabbef1b6f&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 16 Jul 2023 17:07:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame A496
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256464202877761691&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256464202877761691&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 16 Jul 2023 17:07:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7256464202877761691&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
current
pubmatic-match.dotomi.com/match/bounce/ Frame B973 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:14 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sync
t.adx.opera.com/pub/ Frame 00FC 		0
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 16 Jul 2023 17:07:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 6FB3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UJ-xS0QdWv92kKyNkepzScEg-N4&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UJ-xS0QdWv92kKyNkepzScEg-N4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 16 Jul 2023 17:07:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UJ-xS0QdWv92kKyNkepzScEg-N4&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2346221417666266858&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2346221417666266858&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 17:07:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2346221417666266858&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 6871
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFRjZVN0phRWdBQUNTWFZQb2taZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEF6U7JaEgAACSXVPokZg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEF6U7JaEgAACSXVPokZg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEF6U7JaEgAACSXVPokZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5945908886327755583&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEF6U7JaEgAACSXVPokZg&gdpr=0&gdpr_consent=
42 B
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEF6U7JaEgAACSXVPokZg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 16 Jul 2023 17:07:15 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEF6U7JaEgAACSXVPokZg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
sync
ads.servenobid.com/ Frame 86A6 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 16 Jul 2023 17:07:14 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CB9E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96705863&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5cfda0c76623c5425ca18f09d38364b7fc8a2361d7b00eb3401f8233cdf879d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 16 Jul 2023 17:07:15 GMT
content-length
1635
content-type
text/html; charset=UTF-8
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 000B 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 16 Jul 2023 17:07:15 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230046-FRA
x-timer
S1689527235.375043,VS0,VE98
Pug
simage2.pubmatic.com/AdServer/ Frame D197
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 17:07:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 16 Jul 2023 17:07:15 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
bridge
cm.adgrx.com/ Frame FF34 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sun, 16 Jul 2023 17:07:15 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
cm
ipac.ctnsnet.com/int/ Frame 22D1 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 16 Jul 2023 17:07:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame 633C 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:15 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-8a2ca045a4c5@version_1.563v2
X-core-time
1ms
X-server-arch
v2
i.match
a.tribalfusion.com/ Frame 3854 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 8453 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8323
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
42 B
450 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 16 Jul 2023 17:07:15 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame 9AF8 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 16 Jul 2023 17:07:15 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame CB9E 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 16 Jul 2023 17:07:15 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CB9E
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1f618319-c345-456b-9a1b-b68ebbc8f48c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1f618319-c345-456b-9a1b-b68ebbc8f48c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1f618319-c345-456b-9a1b-b68ebbc8f48c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 16 Jul 2023 17:07:15 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame D59D 		809 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8234520&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c0e728de985744f96410651b7d313117838277e7308d5cc62381d131442d145e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 16 Jul 2023 17:07:15 GMT
content-length
809
content-type
text/html; charset=UTF-8
/
pixel-eu.onaudience.com/ Frame C6AF
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
0
0
pub
matching.truffle.bid/sync/ Frame 1A54 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 16 Jul 2023 17:07:15 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame C3C0
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:317F0B4C0A6E4EBAAC10BB996C32E086&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:317F0B4C0A6E4EBAAC10BB996C32E086&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 17:07:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 16 Jul 2023 17:07:15 GMT
expires
Sat, 15 Jul 2023 17:07:15 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:317F0B4C0A6E4EBAAC10BB996C32E086&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 402E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3752493873
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3752493873
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 16 Jul 2023 17:07:15 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 16 Jul 2023 17:07:15 GMT
etag
RXbeb6e0221668478f8c2ecd407d37b339003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3752493873
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
usersync
usersync.gumgum.com/ Frame 55C8 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 16 Jul 2023 17:07:15 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame D59D
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1703393660974163132
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1703393660974163132
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 17:07:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 17:07:15 GMT
an-x-request-uuid
99837d56-4124-4473-bc58-adc168851d82
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1703393660974163132
x-proxy-origin
193.32.248.222; 193.32.248.222; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
pixel-eu.onaudience.com
URL
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| DarkMode string| GoogleAnalyticsObject function| ga object| wpDarkMode function| checkOsDarkMode object| essb_settings function| documentInitOneSignal function| OneSignal function| loadCSS function| _0x2981 function| _0x1dee boolean| _purpleadsWasLoaded object| _purpleads string| purpleadsInstanceId function| _storage number| amountScrolled object| jQuery111303494281685013525 object| atOptions object| _0x1056 function| _0x3893 boolean| _purpleAdsDisplayInit object| globalSlots object| purpleadsAgent object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| dataLayer function| google_sa_impl boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| ADAGIO function| _ object| _wpUtilSettings object| wp function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| SUShortcodesL10n object| SUImageCarousel object| lazyLoadOptions object| google_llp object| essb function| essb_open_mailform function| essb_close_mailform function| essb_mailform_send function| essbasc_popup_show function| essbasc_popup_close function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy number| height object| _ADAGIO number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 number| google_lpabyc object| googletag number| lnt_z object| GoogleGcLKhOms

103 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDGFQ
.onesignal.com/ Name: __cf_bm
Value: 6IH4Otw_hOz3ZzacE1poGFSR7Ns0N_AtafDO4QmSWug-1689527226-0-AWZ7+RN7XqUTfq3wbKT1xuWvmdYGEnul0U8inrvF/thJPEiwG2rwSmK24aNcTEfwCpBCBHQBOZoSO3qmKopBpGk=
.areturnersmagic.com/ Name: _ga
Value: GA1.2.303911924.1689527227
.areturnersmagic.com/ Name: _gid
Value: GA1.2.2029745786.1689527227
.areturnersmagic.com/ Name: _gat
Value: 1
.areturnersmagic.com/ Name: _ga_0YRP7Y1G4K
Value: GS1.2.1689527227.1.0.1689527227.0.0.0
.areturnersmagic.com/ Name: __gads
Value: ID=0c3e421daad6bb72-2273ad98bee20014:T=1689527227:RT=1689527227:S=ALNI_MaDD8CXjgd_tNg39-T4-AUZ1X0viw
.areturnersmagic.com/ Name: __gpi
Value: UID=00000ccaa6191206:T=1689527227:RT=1689527227:S=ALNI_MZqJXxcU1avtZUMKwq6m8TA8osEKw
.bing.com/ Name: MUID
Value: 0D222B49E9EA68070FB03819E8426981
.prebid.a-mo.net/ Name: __amc
Value: 3_1689527227_1689527228
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yandex.ru/ Name: i
Value: fVaS4QEAXxuYL6vVYBaM3Jc1zFuqTRCcjxw+/nebWNmMg2NHpLwIgLKcFtB+XZbjLLlx5wxUzkBtdZPzdXFILl3RGm0=
.yandex.ru/ Name: yandexuid
Value: 8066196411689527229
.doubleclick.net/ Name: IDE
Value: AHWqTUlYXkYhmJ0TpUnTi1HMrDwaZFy-PYMFe32kym60w9CezNsex-BrnTLLWf-LdT0
.adnxs.com/ Name: uuid2
Value: 1703393660974163132
.lijit.com/ Name: ljt_reader
Value: G_cDtRZH7KXJ5lahTsyJNhWl
.casalemedia.com/ Name: CMID
Value: ZLQjv0Rt8zi6KxDvRkE53QAA
.casalemedia.com/ Name: CMPS
Value: 5181
.casalemedia.com/ Name: CMPRO
Value: 5181
.technoratimedia.com/ Name: tads_ipv6
Value: 2a03:1b20:b:f011::2e
.gumgum.com/ Name: vst
Value: e_3ab4a4b6-a58c-4254-8abe-54555635ddbb
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsrAwMzY1tzS0NBHiM9TNzQj3N_B0K_DPCPQCAHuYTjslAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsrAwMzY1tzS0NBHiM9TNzQj3N_B0K_DPCPQCAHuYTjslAAAA
.servenobid.com/ Name: pid_312
Value: 1703393660974163132
.servenobid.com/ Name: pid_309
Value: e_3ab4a4b6-a58c-4254-8abe-54555635ddbb
.smartadserver.com/ Name: pid
Value: 5945908886327755583
.servenobid.com/ Name: pid_310
Value: G_cDtRZH7KXJ5lahTsyJNhWl
.servenobid.com/ Name: pid_333
Value: ZLQjv0Rt8zi6KxDvRkE53QAAFD0AAAIB
.servenobid.com/ Name: pid_324
Value: 5107433828863579194
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162412:2
.pubmatic.com/ Name: DPSync3
Value: 1690675200%3A235_201_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1690675200%3A13_21_56_161_46_54_251_8_220%7C1690761600%3A35
.bidswitch.net/ Name: tuuid
Value: cec7e2f7-eb18-4e41-8cae-15dabbef1b6f
.bidswitch.net/ Name: c
Value: 1689527231
.bidswitch.net/ Name: tuuid_lu
Value: 1689527231
.openx.net/ Name: i
Value: 585e8f52-3fd2-4511-924c-dd94c1a285f0|1689527231
.servenobid.com/ Name: pid_317
Value: 5945908886327755583
.creativecdn.com/ Name: u
Value: PCx90RSeVwCBgeJM2NCs
.creativecdn.com/ Name: ts
Value: 1689527231
.turn.com/ Name: uid
Value: 2346221417666266858
.servenobid.com/ Name: pid_316
Value: E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
.csync.loopme.me/ Name: viewer_token
Value: f3e286a4-3246-4601-bb57-003d324d1067
.adfarm1.adition.com/ Name: UserID1
Value: 7256464202877761691
.quantserve.com/ Name: d
Value: ENQBCwG9KfijAA
.quantserve.com/ Name: mc
Value: 64b423bf-d0a56-de292-ccdff
.weborama.fr/ Name: AFFICHE_W
Value: Nwt3taQCz-g390
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.simpli.fi/ Name: suid
Value: 317F0B4C0A6E4EBAAC10BB996C32E086
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZLQjvwABU1BsXQAb
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433828863579194
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-8cc47e64-1532-3073-ae1b-917c140e6f54
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-i3OarY90mv-QI8j4iHHV_dh1wauQJJv92yEjSU8X&KRTB&19420-i3OarY90mv-QI8j4iHHV_dh1wauQJJv92yEjSU8X&KRTB&22979-i3OarY90mv-QI8j4iHHV_dh1wauQJJv92yEjSU8X&KRTB&23403-i3OarY90mv-QI8j4iHHV_dh1wauQJJv92yEjSU8X
.de17a.com/ Name: guid
Value: 1.4269914026473427936
.servenobid.com/ Name: pid_353
Value: 0000EEA
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENNcrjXqx5_tosHvYqkKtC8&KRTB&16514-CAESENNcrjXqx5_tosHvYqkKtC8&KRTB&23025-CAESENNcrjXqx5_tosHvYqkKtC8&KRTB&23386-CAESENNcrjXqx5_tosHvYqkKtC8
.servenobid.com/ Name: pid_346
Value: ua-8cc47e64-1532-3073-ae1b-917c140e6f54
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-beb6e022-1668-478f-8c2e-cd407d37b339-003%22%7D
.adform.net/ Name: C
Value: 1
.360yield.com/ Name: tuuid
Value: af8ef094-3336-417b-b157-4a6cafeb9aa5
.360yield.com/ Name: tuuid_lu
Value: 1689527231
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4269914026473427936
.servenobid.com/ Name: pid_321
Value: RX-beb6e022-1668-478f-8c2e-cd407d37b339-003
.rqtrk.eu/ Name: browser_id
Value: 1:c2f86774-6f16-4614-98ae-7c987aac159f
.adform.net/ Name: uid
Value: 2407763652132818904
.go.sonobi.com/ Name: HAPLB8S
Value: s85133|ZLQjw
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6515876097282188256&KRTB&23263-6515876097282188256&KRTB&23481-6515876097282188256
.pubmatic.com/ Name: PugT
Value: 1689527230
.servenobid.com/ Name: pid_362
Value: GDPR
.zemanta.com/ Name: zuid
Value: cx0gUpUFTRqfRChG1oDZ
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 447c0d2dbfea8b83
pool.admedo.com/ Name: tuuid
Value: 356a0356-b8dd-4c4b-8b30-caff3016ad84
pool.admedo.com/ Name: c
Value: 1689527232
pool.admedo.com/ Name: tuuid_lu
Value: 1689527232
.ipredictive.com/ Name: cu
Value: f0a7105c-b31e-493c-9bbf-f52d940d3386|1689527232094
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-509fb14b-441d-5aff-7690-ac8d91ea7349.3hIdqF%2FLIEVTX4WkBG0LJfBLkIkcMOXbdShmYc3oSgM
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUJ-xS0QdWv92kKyNkepzScEg-N4.AExO9z8z0jweqJ8bwVtJqhpQvikpd3bhsxyaLQkjlIU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUJ-xS0QdWv92kKyNkepzScEg-N4.AExO9z8z0jweqJ8bwVtJqhpQvikpd3bhsxyaLQkjlIU
.liadm.com/ Name: lidid
Value: a49bc384-6e8d-41d3-bd0b-6d21d42997fd
.outbrain.com/ Name: obuid
Value: 80121ad9-25f8-4480-adc3-c710ab34286b
.lijit.com/ Name: ljtrtb
Value: eJyrVjIyNzYzNVeygjFqASoHBDc%3D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-beb6e022-1668-478f-8c2e-cd407d37b339-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.quantserve.com/ Name: sp
Value: CgwIuYoDEgYIwMfQpQY=
match.sharethrough.com/ Name: AWSALBCORS
Value: Vm9KHDdxzJjWCPLX5Gwy8LADC7f3j7AEae4cDF6jET9YkRa4YL0wYtkiexvdlX2oRGmkifqlaGJdN8pQLXZQDM/7uab9Bz7bf8L6F1qDUEXc40XtlfxaNpQJSfmS
.smartadserver.com/ Name: csync
Value: 22:2407763652132818904|49:7256464202877761691|124:f3e286a4-3246-4601-bb57-003d324d1067|139:0
.amazon-adsystem.com/ Name: ad-id
Value: A0Q6LFGmZkkrjKMfuX_grew
.bluekai.com/ Name: bku
Value: ikG9919M+sxAgR/S
.sportradarserving.com/ Name: zuuid
Value: 95af5e9b-164e-44d5-a36a-f4e292821a1c
.sportradarserving.com/ Name: c
Value: 1689527232
.sportradarserving.com/ Name: zuuid_lu
Value: 1689527232
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1689527232
.rezync.com/ Name: zync-uuid
Value: 19b41951-2ebb-4c46-9ee0-37466dd20337:1689527233.0246456
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByxWAMAgEwIvt4OOzLGI5SWjEyp35rrJesE4Tn7UEG5SeUYkCeY5rRL3Gp9PLI251EMkfIOIRvjoAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMOxGAMBBF0UEAFQUqwmR_b1nkhMQQJSUSkIEqOjKUp7j3HkbCGsbOQu44JqcoSmGUuJWSdFekaC0ncQVq5Szi2xfJklmhhnPqJxHS62975m5m0AufTK0UegAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNyjsOwyAMANC7eA4VxsZ8LhOV4AG1oVVIlka5ezM-6Z0wf3Vbn137DnnfDp1gebdbA_IJo_1WfUEGjzYwUXQxCvmQMDFcEwwdo3363Op9MBXG5NE4LcXwwmKSqjUUWKRWZ4lCRonJu-CIHtaxsBe4_qD2JRk.ZLQjwQ.VKzD_K2RTGQnLWJESg7lMB_Nrto
.rlcdn.com/ Name: rlas3
Value: y3XUxq4Xd8WUs8KTwsyf41a1gRLBY6dmIPbjJ/kk9JU=
.rlcdn.com/ Name: pxrc
Value: CMHH0KUGEgUI6AcQABIGCLrqARAA
.pubmatic.com/ Name: SPugT
Value: 1689527233

13 Console Messages

Source Level URL
Text
javascript warning URL: https://w1.areturnersmagic.com/(Line 643)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://w1.areturnersmagic.com/(Line 643)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E1ABFCBB-17B8-4DE2-B898-FE405B7B94A6
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3ab4a4b6-a58c-4254-8abe-54555635ddbb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adsdk.microsoft.com
adsdkprod.azureedge.net
adservice.google.com
ams3-ib.adnxs-simple.com
ap.lijit.com
api.purpleads.io
areturnersmagic.com
assets.a-mo.net
avatars.mds.yandex.net
b1h-euc1.zemanta.com
b1sync.zemanta.com
bh.contextweb.com
bs.yandex.ru
c1.adform.net
casale-match.dotomi.com
cat.fr3.eu.criteo.com
cdn.adnxs-simple.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.prplads.com
cdn.purpleads.io
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hbx.media.net
i.liadm.com
ib.adnxs.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
img.onesignal.com
ipac.ctnsnet.com
live.rezync.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mwzeom.zeotap.com
odr.mookie1.com
onesignal.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.admanmedia.com
public.servenobid.com
pubmatic-match.dotomi.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.nl3.eu.criteo.com
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.bumlam.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vengeful-egg.com
w1.areturnersmagic.com
warlockstallioniso.com
wt.rqtrk.eu
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
yandex.ru
yastatic.net
a.tribalfusion.com
cm-supply-web.gammaplatform.com
pixel-eu.onaudience.com
13.32.99.31
13.32.99.50
141.94.170.64
141.95.32.71
142.250.185.194
145.40.97.66
15.197.193.217
151.101.130.49
151.101.65.108
178.250.1.9
178.250.7.9
18.195.140.8
18.195.46.16
185.184.8.90
185.255.84.151
185.80.39.216
185.86.138.153
185.86.139.104
185.89.210.122
185.89.211.116
192.243.59.20
193.0.160.130
195.5.165.20
198.47.127.19
198.47.127.20
198.47.127.205
2.18.160.23
2.18.161.178
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
202.241.208.55
208.93.169.131
213.155.156.182
213.227.153.220
216.52.2.39
216.52.2.48
23.218.164.71
23.218.210.30
23.22.136.75
23.35.236.201
23.88.86.2
2600:9000:223f:1e00:1f:4c18:bd40:93a1
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:10::6816:1857
2606:4700:20::681a:8a9
2606:4700:20::ac43:4a5d
2606:4700:3031::ac43:a32c
2606:4700::6811:180e
2606:4700::6812:372
2606:4700::6812:d63b
2606:4700::6812:d73b
2606:4700::6813:9f13
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:bdf::45
2a00:1178:1:4b::1a
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a02:2638:3::9
2a02:2638:d::11
2a02:2638:d::2
2a02:2638:d::4
2a02:26f0:f700:9::58dd:5c18
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::36
2a02:6b8::90
2a02:6b8:a::a
2a02:fa8:8806:13::1400
2a04:4e42:200::485
2a05:d018:24:b002:5b08:cd2d:1e37:b69e
2a05:d018:d29:3605:4d2e:1255:2706:70af
3.220.208.235
3.227.161.48
3.75.62.37
31.172.81.158
34.102.163.6
34.102.253.54
34.111.129.221
34.111.131.239
34.160.236.64
34.232.60.228
34.239.32.238
34.254.137.118
34.95.81.168
34.98.64.218
35.186.193.173
35.204.74.118
35.210.53.219
35.214.141.39
35.244.174.68
37.157.4.25
38.91.45.7
46.228.174.117
51.89.9.251
52.21.85.14
52.210.15.1
52.213.109.107
52.3.201.139
52.30.162.52
52.46.143.56
52.58.212.116
54.174.190.28
54.194.182.208
54.239.33.158
54.76.205.5
63.251.232.165
64.227.64.62
64.74.236.255
65.9.66.64
66.225.223.95
69.166.1.10
69.173.144.165
69.173.151.100
69.192.160.219
70.42.32.31
77.243.51.121
77.245.57.72
8.2.109.168
80.77.87.166
82.145.213.8
85.114.159.93
98.98.134.243
00c8fcbed47b67ad7cdfabbe08c99f92d1e31efae6d804aa6f2fabd79068bb0a
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
03550257f08a2c2d490bec7fd42d6758f27803b123b4297e2bf75eb4d75c8af0
0359faff623bdf7d6cc2335c648947e2f808b6093c1a5b0780971ef4c67516d0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b370792a8ddbd5ece7e5b25df962a4eee453a66261d8be93836216a2a649395
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
109400e0c2064f54865884f447d8c3baac3e222474c684d4a2657a736fdae7b5
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022
1690266a4def354da2feda545468781eefe065dab28c28e115ef23160308206b
16f956e8eb1e9f95f89e217acc6639d0a2e0e147d162f1e0a69cc7b2cd4b7cfe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
19c4179b3c5244055a89f097104e596c752e83fcbf693e30922abc045bad1e79
1b748fe08136f43cfd413a9d99de5b721cc5ce2d53706babe4496638c1e0dad7
1b809aadf8f6ce523c996af8905ad3dcf79dee6e01bdcdabb164fc2ee7afdd11
1bd1a36997b98708282a92fe575ae9ccfcd6cf2e01f49e3f1788d3b60093b522
1cbee518f6314d565c81f72af6f09dbc74cc770fce1a02a90b52c2c2dd480985
1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21
22a799158fe74ae3e802bb4708fa9b5888b3553ca8296ae1f4a23799a006d1ba
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9b1c55f78bb3f29b837465a42c11b0bf7928e6eee2cc2c6760efbba6d3fe99
307968d2a0fb120d0f7e3778a8e6c174bafaf921443b551eef93b052ebea30ed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3ad6607d341d110ad06dc2c4cdbf24d30ba15d46ce2f9f811e2e743f32aed3d4
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b8c82e1a32337e150164886ef2dd2761fc41c86ee4f6f98b6b3bc408623fc81
3bfa49ee4e1a2fba0b7d35cddf9560f1be07546565cebb86d47d1fcc6ee2cc69
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
4308c2556e36584130e9e9736cde21520adc46d3ef85a698a05f1349def7883b
45118c26b74b8194dfc3fd248241e4849e89ae15d8c9f69b05562abde33d54ba
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d17de63711829a3c39b6ec6b7dea5543d1f3a54fca9becc87948f717830fdca
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
542b21b66c0c66650fde4d3d310c50b8a1f572cbdc02f85961d553b82000a6ca
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d9f31aec627a570715f2a8518d511021f0101b0a7b7ca6f370e33580d2a848
57d5d7afc110a8c6f62304b7f4bf515924f785d748dc36bce24ef6a60c50a6a6
5c085c433b0157cd98e1a611f43dd215b430182c65bf1fad6d1749a7554792dd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ceb36a4c422793ab2fe65ed2400ec0d5caff21d4c3a7657d7533a650cacf3fe
5cfda0c76623c5425ca18f09d38364b7fc8a2361d7b00eb3401f8233cdf879d2
5d1db849191260344cb54219263c7cded1ace0c999c3a347ef0089a169126ad2
5d44f0d97bb99c7080b40520988f695eba339fcf254a993b13a8261c4585a6b4
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6146e850afd9ba2175c55d58300dd7412223a95c7987cdbad5eee5060a6b3adf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6831e309a4dd65b8dda9edccec264a8817f9d89b1c241db9be67458e2c46f452
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6aa9cec358fa983442aec05763c0fbbbe874f8c4cf429a46b9ef528f297f1363
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
71dfc9c86dd242f1fee1d59e79221b374901bee0c60151d5a3ac1f10340a004c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
735c6647be79a57ed6a415de4ed44961b02599b9475e6d0506f6017240744129
76b510fba4ae1cd55f5986483e4fa377623d818b10f6363bb9f0ed483cfc2098
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
8063e5a51719c58189c7d5209a5f37b34d14764198145a3f84bfd11c062f11d2
819d2e67c083da04e6e95e9792723d2a97b722e52a6606e3179882ac9f7db02b
8277612008fbd4b33ad1ad2f5d357517be701fee46e184bb283c5f42c5a02cb6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410
83ab2b60ef63aa7eb84bde32443c900795f1988860ca207535d3fc39b4d3ee02
84aee1389bed8015a16786afc6291a15b479b7a28189832c06dbb0db35a5424f
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac
85fc7b3ab4fb0eb43390a90fc540ce793cf4611909cc20cd85c6cf377bbb1861
8698e31ac7ee2d78cfa9afce9dcbff75786269fe157c2bb4cc6affe1bc0a72fd
87b270620fc6dfe6d6efe22c3d3e46046669195742f7fba7d3e0fe70a552206e
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa80eba48486afcecb8738f2027af0ea8ccfe237b9bc44d337c5d28656423a5
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d876fed1ee72f5837d4002ffdca04926e77278c0e9398282459f4d63525d1c3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
918076b5fd4a1641421a729fb24d72c3fdc17169b478a84f43556233f0ac58f7
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
96eed42e394f5b00f1e02a12d1ce9557aae7cd751e4a9ae2b3e8fc392b1db945
989ec007d495c0537f3ba03cdce123ce8fdf2485276c8346a747e00348c3ce3d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9902d73d9b8e0ccddbbb4ca229ce487a6ac8c12c391ea05b1704726058823846
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b8fb895962712e34e648aeba89eb9c8651ae83a67bba8c6a753a036311615be
9dd3a1326f714eee263d0cf46a7d3e04da82774573de40c6a2ff9094654e7dbd
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a178e68d6d61e81cfc027a8d76d89cd6b517becd4a48af24bbb99acbb4e3ddc4
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
b8c130aadb13dcf289d7319edc5169863f166ab4cd4b233a2a9b21fbc2af77c3
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
ba7fd83d0359f27975395f10fc08725fec3990cedf1a56a670e92437c2d0bff7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf0850e3e549015b2804a27c8deb6e6a19186e7d711d920457d1f6f640520621
c0e728de985744f96410651b7d313117838277e7308d5cc62381d131442d145e
c0eda55ec47640c00aa84096fabdb63c66f5e456f7b141e1ba1d153c2b6ebceb
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c270e44131dcc18463007a913d8c5db258f201ff507526066f84735df004865e
c299f59cc32b145a4a856d8654be666b34a7c07200a5f012514921c35b7fffc1
c430962fa3dd8f77cfe09eb143f92fccb2df834471f9f5ddc9bef100e0bffcc7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c661376fd6275029eba6e35e45ab10a8f70b857fb53dcf442781ab3937231b7f
cc790a10c17f5c951fd0dd8dbcb9ed7a583704662cd9c78c80a13169edb56d0c
cd0b0fd48436d04e7ee4fbaec9c33081c5d900d7cdbde0ca20b6ea864df73a46
cebcfdadafcaffe422f7b24b84121833a05358004082ad16625cfc12d7866548
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd82f6fc030a4b38eca7176b079619808ba33965e942cf6273c18dac1ddb39c9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6775494a885d8a2df4bab566fcdaf81395e868fab6b3dd069ea8470bb624a1
df213a34514defe53474b741a6dabc593378f6c5bc500105d14d837d51408f18
df9f8bce75c6828a73a7b075d3eb5832e1f5027439ea0bee1a02c5974f96177d
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40158b722a1dd6f4126a32292e5281e026c3a011124aaaa31911292aeebb4d3
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eab1597125516abc6851199d7255cd4e76f1903d5fcf34e291c29c68289e9822
eb612bc521384c335593b6cbd763b0847f6d5044d3e68d1e755a036062da1b29
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
fcfa354ded10aa44e8368f6fdf0866e40daf51adefc8746e29bf6e09b73d7970