urlscan.io logo urlscan.io
SecurityTrails logo

elgoog.im Open in urlscan Pro
76.223.126.88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Effective URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Submission: On October 04 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 9 countries across 59 domains to perform 163 HTTP transactions. The main IP is 76.223.126.88, located in United States and belongs to AMAZON-02, US. The main domain is elgoog.im.
TLS certificate: Issued by R3 on September 27th 2021. Valid for: 3 months.
This is the only time elgoog.im was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 76.223.126.88 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
17 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
22 151.101.65.44 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
3 94.31.29.32 33438 (HIGHWINDS2)
1 3 13.225.87.63 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 13.224.186.4 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 54.246.172.223 16509 (AMAZON-02)
2 6 37.252.172.123 29990 (ASN-APPNEX)
1 7 35.244.159.8 15169 (GOOGLE)
1 178.250.2.131 44788 (ASN-CRITE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 51.38.120.206 16276 (OVH)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
1 2a04:4e42:600... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2620:1ec:46::44 8068 (MICROSOFT...)
1 2.18.232.130 16625 (AKAMAI-AS)
3 3 185.29.134.248 30419 (MEDIAMATH...)
1 1 2620:116:800d... 16509 (AMAZON-02)
4 4 37.157.4.29 198622 (ADFORM)
3 5 76.223.111.131 16509 (AMAZON-02)
6 8 142.250.185.194 15169 (GOOGLE)
1 19 52.18.52.16 16509 (AMAZON-02)
2 67.202.105.22 32748 (STEADFAST)
1 6 185.86.138.119 201081 (SMARTADSE...)
3 8 2.18.234.21 16625 (AKAMAI-AS)
3 3 72.251.249.9 29791 (VOXEL-DOT...)
6 6 213.19.147.44 26120 (RHYTHMONE)
1 18.213.12.146 14618 (AMAZON-AES)
3 3 193.0.160.128 54312 (ROCKETFUEL)
1 178.162.133.149 60781 (LEASEWEB-...)
5 5 147.75.38.124 54825 (PACKET)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 37.252.173.62 29990 (ASN-APPNEX)
8 8 3.69.77.40 16509 (AMAZON-02)
2 2 96.46.186.57 7979 (SERVERS-COM)
1 1 34.204.22.100 14618 (AMAZON-AES)
5 6 64.202.112.191 23352 (SERVERCEN...)
1 1 104.111.215.191 16625 (AKAMAI-AS)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 54.159.94.231 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 52.58.206.142 16509 (AMAZON-02)
1 2.18.233.180 16625 (AKAMAI-AS)
1 3 23.37.42.132 16625 (AKAMAI-AS)
2 2 151.101.194.49 54113 (FASTLY)
1 18.195.155.181 16509 (AMAZON-02)
1 1 202.241.208.53 ()
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 2 209.54.177.54 16509 (AMAZON-02)
1 135.125.160.160 16276 (OVH)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 69.173.144.139 26667 (RUBICONPR...)
8 2.18.232.170 16625 (AKAMAI-AS)
1 2.18.235.40 ()
163 49
4    76.223.126.88 (United States)

ASN16509 (AMAZON-02, US)
elgoog.im
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2606:4700:3037::6815:4aae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.elgoog.im
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
22    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
c3.taboola.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net
cdn4.buysellads.net
3    13.225.87.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-63.fra2.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    13.224.186.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-4.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
10    54.246.172.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
ads.servenobid.com
6    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
buysellads-d.openx.net
eu-u.openx.net
us-u.openx.net
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
8    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
19    52.18.52.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
6    185.86.138.119 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
8    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
3    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
6    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    18.213.12.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-12-146.compute-1.amazonaws.com
jadserve.postrelease.com
3    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
5    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
8    3.69.77.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-77-40.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    34.204.22.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-22-100.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
sync.outbrain.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    54.159.94.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-94-231.compute-1.amazonaws.com
sync.ipredictive.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    52.58.206.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    202.241.208.53 (None, )

ASN- ()
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
8    2.18.232.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-170.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
1    2.18.235.40 (None, )

ASN- ()
z.moatads.com
Apex Domain
Subdomains		 Transfer
24 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
c3.taboola.com
pips.taboola.com
cds.taboola.com
788 KB
21 elgoog.im
elgoog.im
cdn.elgoog.im
71 KB
19 gumgum.com
g2.gumgum.com
rtb.gumgum.com
6 KB
11 servenobid.com
ads.servenobid.com
public.servenobid.com
6 KB
11 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
121 KB
9 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
23 KB
8 bidswitch.net
x.bidswitch.net
3 KB
8 casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
9 KB
7 addthis.com
s7.addthis.com
m.addthis.com
api-public.addthis.com
218 KB
7 openx.net
buysellads-d.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
6 smartadserver.com
ssbsync.smartadserver.com
4 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
41 KB
5 a-mo.net
prebid.a-mo.net
2 KB
5 adsrvr.org
match.adsrvr.org
2 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 pubmatic.com
image2.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
6 KB
4 1rx.io
sync.1rx.io
2 KB
4 adform.net
c1.adform.net
2 KB
4 onetag-sys.com
onetag-sys.com
2 KB
4 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
6 KB
4 4dex.io
script.4dex.io
mp.4dex.io
24 KB
3 rfihub.com
p.rfihub.com
2 KB
3 lijit.com
ap.lijit.com
2 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 buysellads.net
cdn4.buysellads.net
200 KB
3 gstatic.com
fonts.gstatic.com
52 KB
2 sitescout.com
pixel-sync.sitescout.com
611 B
2 creativecdn.com
creativecdn.com
695 B
2 everesttech.net
sync-tm.everesttech.net
627 B
2 360yield.com
ad.360yield.com
615 B
2 zemanta.com
b1sync.zemanta.com
1 KB
2 betweendigital.com
ads.betweendigital.com
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
942 B
2 33across.com
pixel.33across.com
ssc-cms.33across.com
2 criteo.net
static.criteo.net
54 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 jsdelivr.net
cdn.jsdelivr.net
42 KB
1 addthisedge.com
v1.addthisedge.com
802 B
1 moatads.com
z.moatads.com
1 KB
1 dyntrk.com
gu.dyntrk.com
215 B
1 socdm.com
tg.socdm.com
689 B
1 emxdgt.com
cs.emxdgt.com
1 deepintent.com
match.deepintent.com
44 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 yahoo.com
pr-bh.ybp.yahoo.com
834 B
1 contextweb.com
bh.contextweb.com
383 B
1 bluekai.com
stags.bluekai.com
1 KB
1 stackadapt.com
sync.srv.stackadapt.com
604 B
1 opera.com
t.adx.opera.com
491 B
1 sonobi.com
sync.go.sonobi.com
478 B
1 postrelease.com
jadserve.postrelease.com
427 B
1 quantserve.com
pixel.quantserve.com
498 B
1 google.de
www.google.de
522 B
1 google.com
www.google.com
522 B
1 googletagservices.com
www.googletagservices.com
26 KB
1 googleapis.com
fonts.googleapis.com
1 KB
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
163 59
Domain Requested by
18 rtb.gumgum.com 1 redirects g2.gumgum.com
17 cdn.elgoog.im elgoog.im
10 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
g2.gumgum.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
9 cdn.taboola.com elgoog.im
cdn.taboola.com
8 x.bidswitch.net 8 redirects
8 cm.g.doubleclick.net 6 redirects eu-u.openx.net
g2.gumgum.com
6 ssbsync.smartadserver.com 1 redirects public.servenobid.com
ssbsync.smartadserver.com
6 ib.adnxs.com 2 redirects cdn4.buysellads.net
acdn.adnxs.com
ssum-sec.casalemedia.com
5 prebid.a-mo.net 5 redirects
5 match.adsrvr.org 3 redirects eu-u.openx.net
ssum-sec.casalemedia.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 sync.1rx.io 4 redirects
4 c1.adform.net 4 redirects
4 onetag-sys.com cdn4.buysellads.net
public.servenobid.com
4 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 c.amazon-adsystem.com cdn4.buysellads.net
c.amazon-adsystem.com
4 trc.taboola.com cdn.taboola.com
4 elgoog.im elgoog.im
3 api-public.addthis.com s7.addthis.com
3 s7.addthis.com elgoog.im
s7.addthis.com
3 p.rfihub.com 3 redirects
3 ap.lijit.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
ssum-sec.casalemedia.com
3 us-u.openx.net 1 redirects eu-u.openx.net
3 sync.mathtag.com 3 redirects
3 eu-u.openx.net cdn4.buysellads.net
eu-u.openx.net
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
elgoog.im
3 cdn4.buysellads.net elgoog.im
3 fonts.gstatic.com fonts.googleapis.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 creativecdn.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 eus.rubiconproject.com g2.gumgum.com
eus.rubiconproject.com
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 secure.adnxs.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 mp.4dex.io cdn4.buysellads.net
elgoog.im
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 images.taboola.com elgoog.im
2 securepubads.g.doubleclick.net www.googletagservices.com
2 www.google-analytics.com elgoog.im
www.google-analytics.com
2 cdn.jsdelivr.net elgoog.im
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 token.rubiconproject.com eus.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 gu.dyntrk.com ssum-sec.casalemedia.com
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 ssc-cms.33across.com g2.gumgum.com
1 secure-assets.rubiconproject.com 1 redirects
1 ads.pubmatic.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 t.adx.opera.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 jadserve.postrelease.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 pixel.quantserve.com 1 redirects
1 acdn.adnxs.com cdn4.buysellads.net
1 public.servenobid.com cdn4.buysellads.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 mug.criteo.com
1 bidder.criteo.com cdn4.buysellads.net
1 buysellads-d.openx.net cdn4.buysellads.net
1 c3.taboola.com elgoog.im
1 imprammp.taboola.com elgoog.im
1 15.taboola.com cdn.taboola.com
1 www.google.de elgoog.im
1 www.google.com elgoog.im
1 www.googletagservices.com cdn4.buysellads.net
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com elgoog.im
0 sync.technoratimedia.com Failed g2.gumgum.com
163 89
Subject Issuer Validity Valid
elgoog.im
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-14 -
2022-08-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2021-08-03 -
2022-09-03		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.dyntrk.com
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh

This page contains 25 frames:

Primary Page: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Frame ID: AE2E2A4445757682009587396B28D671
Requests: 89 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=DC7195B06A40734752271802376&cicmp=1337627&cijs=1&dast=V716UCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHMThLZarCWG2IA12m9FutVgsZ4PRaLTbTJaQMIvFYjSZrYZTMNjC53R3t0ECTafD57rXq8w-v99nV7r9cgAAAAB4ACBqiYbY8W1ojwAAAACQ4Bm5VqAIqPi3ELgAAAAAwAAgEAvXAIDiIICz3-4PAIAHBRAAAAGMEAAocSYRAAAAgBEAAAAAEgCBxMISAIe7RRMAgAC-pRhkpxMAAICDOpmnbZb_____GIC89yYZAIq0jRuDHoAHH4AHIQAAgI8h4X1mgH8AWlqiAtQiRgAAAABOL9AfR5M6obKo-v___7cCuAIACOBbikF-y7o5KWYNAwAAABhboIfF7zc77Bq_22X__________2b_ZwBoQlij12lBJrhSajwj1wprv4AAAGzvBgDwJgAXcwB2AAAAAHf_____eQAAAAF7lGyv1Xj2KOt9Blv4nO7u-k3YYrSaTDbL4Wy5mAyGo-FotD-B3AxwIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDfGg6lw6n1en4sF8XM597cJHhhvORbu5ZDCcaxarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
Frame ID: 4C627FE8948044C53D463736C5B6756D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=elgoog.im
Frame ID: E4B9FA0430CA44BA5FD96514C898EC10
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 0281A823DB17E6DB72E9A9E24D15AEB8
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1633349126701
Frame ID: 28D26F040478DF63805DEC4A8DA7F4C3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 461F3E5E42A71970779BB199ADF78342
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=626fe778-b2ca-415b-a3f6-584fd2ac5ec0&gdpr=1
Frame ID: 8D05F3326F9B05E2B8A2137EAC9E85B1
Requests: 7 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: ABF9DE274E2DFC74B22BE96EAA1E2344
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 1F41258D7E4C6B8D83A181E5A9639A1D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 13F2680E57C1A45B760040E86C9482E1
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: F9B8E7541248E2CB13132076E3110D5F
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: BDB47D70F177D509B26D7A6A34CBF083
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 73633F33B62F1D5903BCA68926E37711
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=a98b6da6-b98c-4ead-8dd1-0c2292689141&t=1635941130
Frame ID: 0DA4C12FEDB380820FCBFFD0CE93B6EF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: CEF1CC0E14BCF599EB48C9EB61FCA623
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=98ab615a-ee09-4900-9231-2ae61daa5d7d&gdpr=0&gdpr_consent=
Frame ID: 705A6A987F7A9E3A6F2C6910B32EBC63
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YVruCgAAAd6SUAAR&gdpr=0&gdpr_consent=&_test=YVruCgAAAd6SUAAR
Frame ID: FBA31B644CDE532B1753547D7803D469
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYzg2MmM1Yy04MzA0LTRjMDYtYWQ0Ny1iZjhiMGM3N2I5ZTY=&gdpr=0&gdpr_consent=
Frame ID: 9F2FA4A7D7D7665EB907C6576F14BD63
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 0FD5158EB63B1EC1DDBC164899898DE6
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 5D9E88DC319EF7F4C5B655841574F9C6
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YVruCsCo5tAAAN6prj8AAAAA
Frame ID: 6BC9AFCCC4C3CA6B1C91409D39A0C8A8
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827874216029864
Frame ID: 302D95538B97E5DA6B5B61700A98CFE8
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=8ZFBKdSMMjz3VHr2Hfkr&pi=gumgum&tc=1
Frame ID: 9749C3BD8A6DAB14E2D373E74B5B7A2C
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 99CF1E6EF3530DFFA325B1A1FDE9497C
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 97A9F38E96C6B7A9E43BB9BE7A385652
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Google Search Mirror - elgooG

Page URL History Show full URLs

  1. http://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search HTTP 307
    https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

163
Requests

97 %
HTTPS

24 %
IPv6

59
Domains

89
Subdomains

49
IPs

9
Countries

1729 kB
Transfer

4565 kB
Size

70
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search HTTP 307
    https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1633349125807&ns_c=UTF-8&cv=3.5&c8=Google%20Search%20Mirror%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633349125807&ns_c=UTF-8&cv=3.5&c8=Google%20Search%20Mirror%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&c9=
Request Chain 78
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=elgoog.im&sn=ChromeSyncframe&so=0&topUrl=elgoog.im&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Pd3Usnw4OTBxS3dQTkI0S042cmlqNFJiRXpObmZ5N1J1UW1PRHpEN1NkSy9ubXFDTkxmL3VjYXI4alBvQ0lHd1hPeVI2aElwWngzWmNWWUFwM2FGSUZZTUJkRmkyQjVIWlFLbVl5YkcyMzdNZnVneStuTWVvOGRBVk95ekdQVDZ3aGV4c1gydysxYmx1dXJBUVpSZVkwVXlrT3BlZGp5ZHJzSGRBWGlvVHBhVkZjZng4ZEZKVHVOSkhVcis2NFVVWXhKSUp0bUxjUHlJalgwbTZxYVJLUGN3aEdpdU5DZGpLL3hBRW4zaXdHZ3VKNjFoelhvTWNJVkhwQ2ExNzFXK0djRExBWHVzcmpHYUNVSUE1OE9yMkpaUllUUT09fA&cppv=2
Request Chain 87
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=98ab615a-ee09-4900-9231-2ae61daa5d7d
Request Chain 88
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rAFtA_9VaFu3VGgA-VR1AKgBYQa3BWhV_lXf6CRi
Request Chain 89
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4472295678925414128
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDQyY2ExMTEtYjc1Ny02OWZmLTdhNTctYzYzYzIyMGU5NTg3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDQyY2ExMTEtYjc1Ny02OWZmLTdhNTctYzYzYzIyMGU5NTg3&google_tc=
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOA4nFuMcLKlBNNZ1Q6ZBS0&google_cver=1
Request Chain 98
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 99
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7636244950887096625
Request Chain 100
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=2656825202f49a56ea5b0251
Request Chain 101
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4818143132 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4818143132 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a98b6da6-b98c-4ead-8dd1-0c2292689141 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
Request Chain 103
  • https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%7B%24UID%7D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=a88f3182eb10d6802df9adfd5a62ee3c7d29a66a
Request Chain 104
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=2159827874216029864
Request Chain 106
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D73f5bc6b-eb14-4b9e-9d6a-82619e389bd7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D$UID&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/cchain/0?A=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid=7636244950887096625&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D73f5bc6b-eb14-4b9e-9d6a-82619e389bd7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D$UID&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 307
  • https://prebid.a-mo.net/cchain/1?A=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&bidder=sovrn&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0=&gdpr=0&gdpr_consent=&us_privacy=1---&uid=2656825202f49a56ea5b0251 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D73f5bc6b-eb14-4b9e-9d6a-82619e389bd7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/cchain/2?A=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid=YVruCjNNqQT.om9yXtFquQAA%261163 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D73f5bc6b-eb14-4b9e-9d6a-82619e389bd7%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D73f5bc6b-eb14-4b9e-9d6a-82619e389bd7%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/3?A=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&bidder=pubmatic&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid= HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 107
  • https://t.adx.opera.com/pub/sync?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D335%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?operaUid=82f89005d2694e238057aa336a94849f&pid=335&uid=
Request Chain 108
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7636244950887096625
Request Chain 109
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=7de9e299-44e6-5315-af32-fc1ace681210&ssp=gumgum2&expires=30&user_group=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=5d5a9be0-04fc-4637-a05a-89429c9c70b0
Request Chain 110
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-1b56997d-3c79-4406-6065-274e8c14ee0d$ip$78.47.208.31
Request Chain 111
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=B2FjY4a1ufj4aiLpZNdX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2QRSIZVFSNDBGF2WM2RUMFUUY4C2JZSFQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2QRSIZVFSNDBGF2WM2RUMFUUY4C2JZSFQJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=B2FjY4a1ufj4aiLpZNdX&us_privacy=1---
Request Chain 112
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003&rndcb=6207850254 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003&rndcb=6207850254 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5d5a9be0-04fc-4637-a05a-89429c9c70b0&google_hm=NWQ1YTliZTAtMDRmYy00NjM3LWEwNWEtODk0MjljOWM3MGIw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJ6P4Gr0JZD1wRBgHjFqgys&google_cver=1&ssp=adconductor&bsw_param=5d5a9be0-04fc-4637-a05a-89429c9c70b0 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5d5a9be0-04fc-4637-a05a-89429c9c70b0?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
Request Chain 113
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=mYUIcMDzllal&ev=1&pid=558355
Request Chain 114
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28qkfJwIw5jjZSaDKsw25_cX9yGQJ3BsyXDt_TeiyudfZcafls-_lGntIMuTLtD1xF%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28qkfJwIw5jjZSaDKsw25_cX9yGQJ3BsyXDt_TeiyudfZcafls-_lGntIMuTLtD1xF%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6&obuid=ENC(qkfJwIw5jjZSaDKsw25_cX9yGQJ3BsyXDt_TeiyudfZcafls-_lGntIMuTLtD1xF) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=qkfJwIw5jjZSaDKsw25_cX9yGQJ3BsyXDt_TeiyudfZcafls-_lGntIMuTLtD1xF HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=outbrain HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4472295678925414128&ssp=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=5d5a9be0-04fc-4637-a05a-89429c9c70b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 115
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=0f7ed6ab-5635-0f0d-08cc-8c6820bc5aa1
Request Chain 116
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-s0livxJE2pcUb3OaU0xItlii7vYn1ypTyqCM~A
Request Chain 117
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=5ea5ba38-250b-11ec-89be-9dff15d95565
Request Chain 120
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=e93e3927-917b-485c-aabe-c51779ece454
Request Chain 121
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=6516540702050882901&gdpr=1&gdpr_consent=
Request Chain 124
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=a98b6da6-b98c-4ead-8dd1-0c2292689141&t=1635941130
Request Chain 125
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 126
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=98ab615a-ee09-4900-9231-2ae61daa5d7d&gdpr=0&gdpr_consent=
Request Chain 127
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YVruCgAAAd6SUAAR HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YVruCgAAAd6SUAAR&gdpr=0&gdpr_consent=&_test=YVruCgAAAd6SUAAR
Request Chain 131
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YVruCsCo5tAAAN6prj8AAAAA
Request Chain 132
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=2159827874216029864
Request Chain 133
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=8ZFBKdSMMjz3VHr2Hfkr&pi=gumgum&tc=1
Request Chain 135
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D86%26buid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7636244950887096625&gdpr=0&gdpr_consent=
Request Chain 136
  • https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=64&redir=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D68%26partneruserid%3D%7BuserId%7D HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=68&partneruserid=no-consent
Request Chain 137
  • https://sync.mathtag.com/sync/img?gdpr=0&gdpr_consent=&mt_exid=39&redir=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=25&partneruserid=98ab615a-ee09-4900-9231-2ae61daa5d7d
Request Chain 138
  • https://c1.adform.net/serving/cookie/match?gdpr=0&gdpr_consent=&party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=4472295678925414128&gdpr=0&gdpr_consent=
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVruCjNNqQT-om9yXtFquQAABIsAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECFyw_OOk_1hO8XAM8NFJOA&google_cver=1
Request Chain 141
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVruCjNNqQT.om9yXtFquQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJLqDi1OVNGxNbAZrw4rErY&google_cver=1&gdpr=1&google_hm=2
Request Chain 142
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVruCjNNqQT-om9yXtFquQAABIsAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVruCjNNqQT-om9yXtFquQAABIsAAAAB&dcc=t
Request Chain 143
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635941130
Request Chain 145
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827874216029864

163 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
elgoog.im/search/
Redirect Chain
  • http://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
  • https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.126.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
09a26dbb3f93206de4b417ffa51364fe0c6b8fbf30fe88578abe88683f9d118f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

:method
GET
:authority
elgoog.im
:scheme
https
:path
/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=63072000; includeSubDomains; preload
link
<https://fonts.gstatic.com/>; rel=preconnect; crossorigin
content-disposition
inline; filename="index.html"
cache-control
public, max-age=0, must-revalidate
access-control-allow-origin
*
etag
W/"09a26dbb3f93206de4b417ffa51364fe0c6b8fbf30fe88578abe88683f9d118f"
x-vercel-cache
HIT
age
66583
server
Vercel
x-vercel-id
fra1::6jfjb-1633349125609-e20739fdf6c1
content-encoding
br

Redirect headers

Location
https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Non-Authoritative-Reason
HSTS
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cbbd733dbb554ef0ec3db903b2e1ba4d6ceff69b6882236fd422f94460b2ffb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 11:34:41 GMT
server
ESF
date
Mon, 04 Oct 2021 12:05:25 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 04 Oct 2021 12:05:25 GMT
main.css
elgoog.im/assets/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/assets/css/main.css
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.126.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f24a0c6e4ba86eb57c55dfbf3ba39cf97114fccc38760f33c21975a23e6750f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

:path
/assets/css/main.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
elgoog.im
referer
https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
server
Vercel
age
66346
x-vercel-id
fra1::6jfjb-1633349125643-3085549f4081
etag
W/"f24a0c6e4ba86eb57c55dfbf3ba39cf97114fccc38760f33c21975a23e6750f8"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="main.css"
x-vercel-cache
HIT
link
<https://fonts.gstatic.com/>; rel=preconnect; crossorigin
gserp.css
elgoog.im/assets/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/assets/css/gserp.css
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.126.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1b0519f1cc6c4af010b701cbeef89c88c8f0870bd21c483a313644067796e9fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

:path
/assets/css/gserp.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
elgoog.im
referer
https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
server
Vercel
age
66576
x-vercel-id
fra1::6jfjb-1633349125643-39cd0420eef2
etag
W/"1b0519f1cc6c4af010b701cbeef89c88c8f0870bd21c483a313644067796e9fe"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="gserp.css"
x-vercel-cache
HIT
link
<https://fonts.gstatic.com/>; rel=preconnect; crossorigin
elgoog-logo.png
cdn.elgoog.im/assets/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/img/elgoog-logo.png
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf379abafd24c9a794e884287fba6ee4de1ec2350ac3f9dae9adb84750a8cd68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
970761
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6637
last-modified
Thu, 23 Sep 2021 06:26:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9pBDcMfvbF4rvaZeYptAB9Px2vR%2B1J9WF2eBvXSO8Hpu8Z6TNmcGQXsbZrG55e2rL098uzKLkLb0ojt2UkFQFwlWFe2XPuYar7HO%2BDIjLt%2Bued8YVfi0tNWwkWGaGTAZ09aP9RNNsD41f9e"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
698e4743bd1e4eb0-FRA
expires
Thu, 23 Sep 2021 06:36:04 GMT
voice.svg
cdn.elgoog.im/assets/svg/ 		541 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/voice.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f6942125ba71554329b49bcaa6880a14753cd6dbf0c965f191fa24c7276128

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1042750
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 10:26:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aboTPuApqqeY5sanMCoHsfOAmtnPuaJOTdGz8lfRHoSb2Cd3A5TVYLm5xrgTaTacK6bxUTnieDQrUnsbNVN5o5AJrSugtxR1izByFC7dAtzFrf%2FFBWgwqmivY3KV2yOUh%2B44MA6yPhdMvexU"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd234eb0-FRA
expires
Wed, 22 Sep 2021 10:36:15 GMT
apps.svg
cdn.elgoog.im/assets/svg/ 		642 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/apps.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c5c4652853e94c755f5306c8a3256b6791e58515b8f76a0432d86f4dc44a46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1043001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 10:22:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuvzwLzVPpeabLoBarSZpHCnqPb2s7S39ESkV%2B%2BEmUEEeWgu%2BQFpIYHxQx7eEFtA%2Fr7bxuaPawHz6t9Fya32ZSSauLrv%2F4z7WvP4wdFPeLVdRJtPY0uLvG8XqMp6roHvfTCynq%2BPh51AQNCo"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd294eb0-FRA
expires
Wed, 22 Sep 2021 10:32:04 GMT
thanos.jpg
cdn.elgoog.im/assets/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/img/thanos.jpg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9322135fa5f95c6de37d32ba5994c36161a034c936f23ab48772946d28e83790

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1542399
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15168
last-modified
Thu, 16 Sep 2021 15:38:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UayYWme2xCzFa0Uz4tebls6SRF%2FZ3N2poVZykDlrvvoGh5Gp6Yw%2FLsQsDzRANr1kvtVefKuG%2F%2Bvdyrs0guWCeAgxoC0GRl2CeX9qd7OfFTviHtoWvjk7uMVsgJuXsOmENJVGlk4LJ7d3zp7f"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
698e4743bd2c4eb0-FRA
expires
Thu, 16 Sep 2021 15:48:46 GMT
logo.png
cdn.elgoog.im/assets/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/img/logo.png
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1596a6a93efa761021728a9a9bcfaf993547696023ed0b28042bae0fa10cf1b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
971314
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14171
last-modified
Thu, 23 Sep 2021 06:16:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHq%2Fk%2FSNr%2FhO5cg%2BdTRwk4jT5QdqmynIQZbysHr%2F4sw0zllo7D1XYr8pQ0EAzIRfNrVkBKBby%2BNUFKeDjJDO8p%2FRhCNGWbL2qySCOESaXb2XuwPxpM52BTI25UBLkUXEz3ehcOZHHfh1Y%2Bn1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
698e4743bd2e4eb0-FRA
expires
Thu, 23 Sep 2021 06:26:51 GMT
more.svg
cdn.elgoog.im/assets/svg/ 		241 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/more.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b4cba453d787dc3db40d32cdff6d14dec5b34bf969f5a2b96873c4fd7cd5601

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
900438
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 24 Sep 2021 01:58:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1%2BTHP7XBJ0LT4DL8gRpIWv8pgqFWT0WcRn7gmEz9PCUeWAyC5qJTRpSfmUYZ2lrrmvKceNY%2Fkso8CliV5DeWXjy025qZ675WASJbNxWLId3LmTZ2EwYnPArJNcMJKrHIfT5uAC9aKbPar11"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd304eb0-FRA
expires
Fri, 24 Sep 2021 02:08:07 GMT
search.svg
cdn.elgoog.im/assets/svg/ 		301 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/search.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb0587cabae102e498ef4a2d70669bdab0408be646988f88aa3f324e6b501cd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
426183
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Sep 2021 13:42:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Bl77g9hMG18%2FjIJwtIvPL1okNK8yQo2ol%2BwwNYHwF%2FmcOE7iyiBv10QNy9fSe%2B1Vvc1PnZvLRQv5RD9lZ%2FtJBjQitSgfjNM8tTuFFHAt75CsmIBJoiOEQC8WrePIm4vKF1o60dVXTOaT6%2BY"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd464eb0-FRA
expires
Wed, 29 Sep 2021 13:52:22 GMT
jquery.min.js
cdn.jsdelivr.net/npm/jquery@1.11.3/dist/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2146854
x-jsd-version
1.11.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19178-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"176f8-N7HbiLV0OPEHKo68dVnJCcnTpoI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
698e47437b8769a3-FRA
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
259
date
Mon, 04 Oct 2021 12:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 04 Oct 2021 14:01:06 GMT
autotrack.js
cdn.jsdelivr.net/npm/autotrack@2.4.1/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/autotrack@2.4.1/autotrack.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2146854
x-jsd-version
2.4.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19145-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"60d8-QRhmNecSdvVfNQtmuCchg0p40iU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
698e47438ba469a3-FRA
main.js
elgoog.im/assets/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/assets/js/main.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.126.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
65f0c185cf8b3a7c520d557112d9e8ae32ec8875a3d4de31eaac83b411a301b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

:path
/assets/js/main.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
elgoog.im
referer
https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
server
Vercel
age
66511
x-vercel-id
fra1::6jfjb-1633349125682-0c7570147b84
etag
W/"65f0c185cf8b3a7c520d557112d9e8ae32ec8875a3d4de31eaac83b411a301b5"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="main.js"
x-vercel-cache
HIT
link
<https://fonts.gstatic.com/>; rel=preconnect; crossorigin
loader.js
cdn.taboola.com/libtrc/iploc-network/ 		125 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/iploc-network/loader.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d951008c7bfe2d0ccaf05508b5e7515a0b918d24fd6d962d226b8508a4647a92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
QHgIWbafHhFpGkla4w63z7677NmQMMDL
content-encoding
gzip
etag
"d320b1668a9643a02caa8d719cbce325"
age
8175
x-cache
HIT
content-length
22433
x-amz-id-2
d/HH/DrHBLr+NQeAbfsgepTXvmdEkrtYSl9sZ9GHxW8q4vsme0/2RIx3bnPrK9o47dC+AV5AMao=
x-served-by
cache-fra19157-FRA
last-modified
Mon, 04 Oct 2021 09:49:04 GMT
server
AmazonS3
x-timer
S1633349126.706336,VS0,VE0
date
Mon, 04 Oct 2021 12:05:25 GMT
vary
Accept-Encoding
x-amz-request-id
J3JWJXY2CXMXJHB3
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
97
x-cache-hits
2
va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
fonts.gstatic.com/s/quattrocentosans/v13/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quattrocentosans/v13/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f871adc17c31230ef87ade94971fcb56a5b611fee9edf6de533535a4512c15d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://elgoog.im
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 17:00:45 GMT
x-content-type-options
nosniff
age
155080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24360
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 06:34:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Oct 2022 17:00:45 GMT
va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXw.woff2
fonts.gstatic.com/s/quattrocentosans/v13/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quattrocentosans/v13/va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f78458058ad1c379c6fbd9d5a407e2d1f0249046b195a6ec1427f7587379f51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://elgoog.im
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:06:01 GMT
x-content-type-options
nosniff
age
3564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24244
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:38:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 11:06:01 GMT
va9c4lja2NVIDdIAAoMR5MfuElaRB0zHt0_uHA.woff2
fonts.gstatic.com/s/quattrocentosans/v13/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quattrocentosans/v13/va9c4lja2NVIDdIAAoMR5MfuElaRB0zHt0_uHA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
637035a23644b455b1f1f68986bd19db7b5693e0613527602b3073106d361d5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://elgoog.im
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 10:56:13 GMT
x-content-type-options
nosniff
age
4152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4112
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:58:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 10:56:13 GMT
fb.svg
cdn.elgoog.im/assets/svg/ 		274 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/fb.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fb42911cd8d9456b16ce8a0cb8bb8d11a2a0dac26d7c64c36146f1fff6b226e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1043126
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 10:19:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEY%2FM8VaZ2oRtZoBMKP%2FbG9qH2eeisP9d9WlUUFnBQkv1CMG8%2FESc29n11eZO5HA5FTyrENZhMVSIWuMaVGe%2Fs95yjyrzqi01AUx%2FinRWPYnqcljkO%2BdsdBNPAfdqP1sbDul8TbYrNDZVU4G"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd364eb0-FRA
expires
Wed, 22 Sep 2021 10:29:59 GMT
tw.svg
cdn.elgoog.im/assets/svg/ 		698 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/tw.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d361c665fed501be2411be1cf3194aad870e7dbc9139022031ae2711a9a5f777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1043126
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 10:19:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b31sBqoBIIqeRatFTfTPHH7usQOyp%2FLZS9mf941CgCscWwhjfRZh0wXWVQRMKM022GrQQatv9AYgknIKV6oW%2FwnQbyjOdTycjdpqv4iL3DFMAc27xUot%2BZFMBrN590GRwIxLnsBPT%2F4hQBV3"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd394eb0-FRA
expires
Wed, 22 Sep 2021 10:29:59 GMT
search-blue.svg
cdn.elgoog.im/assets/svg/ 		301 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/search-blue.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf14e0a13c96e5c7c99efd6422b00c9359431ad7de82a1ef6fcb6e87c5815f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1043016
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 10:21:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jz%2FKOuAfWIyRzGFtsskRblkZgtlt4oQLTZUhzGokcw%2BY0nMCVhD0RtD9rMB9AKAnUcKRtOoCWqd4HqdzDdqDgY5sK6%2F49zHg%2Bbidt4dkf%2FcAATP1nszGgEaWRffyIpA6fpyAkobgOEpHjvdZ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd3b4eb0-FRA
expires
Wed, 22 Sep 2021 10:31:49 GMT
all.svg
cdn.elgoog.im/assets/svg/ 		422 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/all.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d334796ed24f1592e5514975e6ae4a0b32ba830f7de8ac19b8666e0ffb61106b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1624052
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 15 Sep 2021 16:57:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2XmbB2d9sP6sNr9egg7l2boMGGzY68x7iW6Clz768QD0NNKq%2B9VNRXKoF1oXhkiSh%2BcZuXkQnrQOjT7IXPni6WWJlYB6g6r400HqxGWwI3C3G23rhiJq4BXDdWpSUomX%2BKm8lo4z3WYJVFL"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd3c4eb0-FRA
expires
Wed, 15 Sep 2021 17:07:53 GMT
news.svg
cdn.elgoog.im/assets/svg/ 		370 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/news.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1942220c39ba3ba7d5c78e1630b26733e1dd36266ed776b37d4b26378c6fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1043016
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 10:21:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GGrBZbJtRiH8bpDzAsjHxEI3qYWOcb4sjpU2XONh%2FaABBJdnVf0mLIwqk0Wx4Wzbt%2FKEdwkXuZhmk6VPb56sPNS53EdEuptzJ9jrlJaXVV%2FCu501IC65kPWFtVUVMb52PmCiUqIzYmyBMOk"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd3f4eb0-FRA
expires
Wed, 22 Sep 2021 10:31:49 GMT
books.svg
cdn.elgoog.im/assets/svg/ 		202 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/books.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556d7e04634efda779d9deaab33a5f47614b9901fc5e04a1e4ae88b537a84b2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1043016
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 10:21:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYo89Z%2FXI1edpyLf0x7DHJD%2BJiogE8EAHj5XT%2B4j9K%2Byb1L%2BrttpN39hmsaxBJA4C3hwMasu5oTwX8Rh3BdHkflal8JbpeERqOEbEF9AOwrNs%2BcDw2BOJUH6CxjOuxbYfVgUcRxdT5441O5Z"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd404eb0-FRA
expires
Wed, 22 Sep 2021 10:31:49 GMT
images.svg
cdn.elgoog.im/assets/svg/ 		342 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/images.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff31f9b277062c2bffd781a2343ae0ee0b7e1e69bc5f91297e6bd991fc6bb27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1043016
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 10:21:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9ugQaJk1ajoqp3m5JRvNcvxDIN28OlrOA5%2FvLX9Ar93hdHXuMnhrsw8en8XUKRcTYh1hILTFX9ZfubDpJAetTBu621zfovZeN95wptTizksGLnmYOyi4oS7SwMKIljSwbq17BSVUPPmF5Nq"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd414eb0-FRA
expires
Wed, 22 Sep 2021 10:31:49 GMT
videos.svg
cdn.elgoog.im/assets/svg/ 		291 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/videos.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e3bff4dcaa29f460fc8e9a74624323e8432c669498dd864d71cf790178c724

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1043016
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 10:21:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXnzo07VOGYIDBhyhPO%2BfosnlCobodFXI52dOWWkjOHnhLthwlv%2BBo%2Fu%2Fd9GR4QXmKd3wpiW95d74HAsIp1YrK%2FDiq4h34fdFRZZEQRFM6b9x%2FTlxCzUywHO5%2FcJ0BUFEFrqDVBQS4UqX6Gq"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd434eb0-FRA
expires
Wed, 22 Sep 2021 10:31:49 GMT
favicon.svg
cdn.elgoog.im/assets/svg/ 		417 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/svg/favicon.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
383e2e78b469b28d9c6d0aaf59e5e0572019748b9e5c75a856efcfba87ed573f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1847745
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 13 Sep 2021 02:49:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbgGEn04gOb4iTmDdRIaW88rdDRRVzfwQp3oIbkfXVD93cbrN2KZ%2B33W10I8D2KgsOJXQuiB4pRknUtFx%2BpmhiBvXUvVnEDMkFupwKk%2BrcK5wfBG3OwAkumusrScwRBPbpvdJoT6qUwFowRc"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
cf-ray
698e4743bd454eb0-FRA
expires
Mon, 13 Sep 2021 02:59:40 GMT
nav_logo242_hr.png
cdn.elgoog.im/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.elgoog.im/assets/img/nav_logo242_hr.png
Requested by
Host: elgoog.im
URL: https://elgoog.im/assets/css/gserp.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b825de47aba3c06f0193a05591ef370ba361c9080952cb7e9be1963cede860

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1042646
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3104
last-modified
Wed, 22 Sep 2021 10:27:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeVS8ykcDKjwpnMwj0fmVZ5R7uMukRD7zm3WR4yJc%2B6j8lgpSZ4DVedNoSY%2FcXsKFkU4T2zwHQJV157ab5rp6EcSeqxpzhE8R%2FcvOWrq3LMqY7v7H25UFW8Pk4gjl3AiNdikZCgI%2BcuY0%2F20"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
698e4743bd494eb0-FRA
expires
Wed, 22 Sep 2021 10:37:59 GMT
elgoog.js
cdn4.buysellads.net/pub/ 		577 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8f66e9ea3490dbf0cbfdb927d0e6fabcbe7a7ae7d9d2edc037863acfd0e3c555

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 11:57:40 GMT
server
NetDNA-cache/2.2
x-amz-request-id
N50ET1PAC0EM8536
etag
W/"d5296520e5b9a13692e46bdb177af3ea"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
x-amz-id-2
O4hSpZb6SPMRFHk/Fc7yJfM9heGmkNQIO8G0ZLqakWuyQYTsiXb04qFKkYMotzB0cmwsoT68Weo=
expires
Thu, 29 Sep 2022 12:05:25 GMT
impl.20211004-2-RELEASE.js
cdn.taboola.com/libtrc/ 		533 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
886543377b40a38e7042995816455bfa97a7cb870c73898e58e56cef9727a816

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
bIk3CJIMiVCMCGQIxOJd5lkIhtnTIGPo
content-encoding
br
etag
"ce6b66e952c1bbe3e8de2ee3729a3026"
age
9608
x-cache
HIT
content-length
120183
x-amz-id-2
TdSC4GeUw+j5R+Wd5Uw+fsLcfpAkJ3jVTtW3msPdvIJ0lnze7mlQLbIH6x1f+KS+A6gixOxwUEY=
x-served-by
cache-fra19157-FRA
last-modified
Mon, 04 Oct 2021 09:22:06 GMT
server
AmazonS3-br
x-timer
S1633349126.774477,VS0,VE0
date
Mon, 04 Oct 2021 12:05:25 GMT
vary
Accept-Encoding
x-amz-request-id
CBJ5528BX992T20J
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
42141
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-63.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 02:05:19 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
36011
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
N6pRjiXdvHpslwDnLdAU1ZgAl5jTeAeZ8JzI1U1V-2c9j90wVZk0Lw==
collect
www.google-analytics.com/j/ 		2 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=899212353&t=pageview&_s=1&dl=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&ul=en-us&de=UTF-8&dt=Google%20Search%20Mirror%20-%20elgooG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADAAAAAC~&jid=1509703798&gjid=1310128319&cid=813070873.1633349126&tid=UA-20764615-1&_gid=627465066.1633349126&_r=1&_av=2.4.1&_au=362&did=i5iSjo&z=2060221487
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://elgoog.im
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1633349125807&ns_c=UTF-8&cv=3.5&c8=Google%20Search%20Mirror%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633349125807&ns_c=UTF-8&cv=3.5&c8=Google%20Search%20Mirror%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633349125807&ns_c=UTF-8&cv=3.5&c8=Google%20Search%20Mirror%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&c9=
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-63.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
p3rj1fFXliRx3hiLugGmOaQL-bqdb6jxYcOkPqs_YxwPlAr7aJ-GwA==

Redirect headers

date
Mon, 04 Oct 2021 12:05:25 GMT
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633349125807&ns_c=UTF-8&cv=3.5&c8=Google%20Search%20Mirror%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&c9=
content-length
269
x-amz-cf-id
d-3DdlSjhEtPt3f5oEzg5RpJ2TDP8c5Me-JDgVS-RxF4FY2X4Os7vA==
json
trc.taboola.com/iploc-elgoog/trc/3/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/iploc-elgoog/trc/3/json?tim=12%3A05%3A25.831&lti=deflated&data=%7B%22id%22%3A932%2C%22ii%22%3A%22%2Fsearch%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1633340928399%2C%22vi%22%3A1633349125830%2C%22cv%22%3A%2220211004-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Felgoog.im%2Fsearch%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1596%2C%22qs%22%3A%22%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch%22%2C%22nsid%22%3A%22iploc-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-1X1%3Apub%3Diploc-network%3Aabp%3D0%22%2C%22uip%22%3A%22search-300%22%2C%22orig_uip%22%3A%22search-300%22%2C%22cd%22%3A321%2C%22mw%22%3A398%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-1X1stream%3Apub%3Diploc-network%3Aabp%3D0%22%2C%22uip%22%3A%22search-468%22%2C%22orig_uip%22%3A%22search-468%22%2C%22cd%22%3A351%2C%22mw%22%3A468%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsearch%2Csearch-300%3Dthumbnails-1X1%3Apub%3Diploc-network%3Aabp%3D0%2C%2Csearch-468%3Dthumbnails-1X1stream%3Apub%3Diploc-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c32c4fb54b4ffa3b369c52caac50ce16daa38ea8876f51e0e81a0bdef9cf0b8d

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
340
date
Mon, 04 Oct 2021 12:05:26 GMT
content-encoding
gzip
server
nginx
x-timer
S1633349126.842604,VS0,VE340
x-served-by
cache-fra19157-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://elgoog.im
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
collect
stats.g.doubleclick.net/j/ 		4 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-20764615-1&cid=813070873.1633349126&jid=1509703798&gjid=1310128319&_gid=627465066.1633349126&_u=aGBAAEACAAAAAC~&z=1356479630
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 04 Oct 2021 12:05:25 GMT
content-type
text/plain
access-control-allow-origin
https://elgoog.im
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bace19bcfef91a5fe04b1a7e80594b4fa17b31a7c44b3b827dceb83c9cbf60da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1005 / 58 of 1000 / last-modified: 1633345678"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25719
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Oct 2021 12:05:25 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:00:43 GMT
content-encoding
gzip
age
282
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1MYSV32V6MG9KP0D3AV5
etag
3900a2c2d757386fb762bfd86288f882
vary
Accept-Encoding
x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
V6S_1YXKpJAn8Uk8twdYj_6LPxhVjzND8jpJshQ7o1sBc7OfwQBL6w==
acceptable.gif
cdn4.buysellads.net/ 		43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=4.598587253566562
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
W85HW21758QZ80JZ
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
2ECNK5G7Mp+B8YY6MSguWYBv8JAqCwUGcoDbIXVibSpdxqLsQb6jp/ZHie9unyfhUhUPDdRvRBE=
expires
Thu, 29 Sep 2022 12:05:26 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=4.598587253566562
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
W85M2BNTWQKX06MV
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
z81T2voMjIy/8zbEb65Y71v1f4PRLiwuMem0QH3KyC/EVAWRmAYSwkROVl0KYvvHrYYzgqQPBtc=
expires
Thu, 29 Sep 2022 12:05:26 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-20764615-1&cid=813070873.1633349126&jid=1509703798&_u=aGBAAEACAAAAAC~&z=842788698
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-20764615-1&cid=813070873.1633349126&jid=1509703798&_u=aGBAAEACAAAAAC~&z=842788698
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
15788
x-edge-origin-shield-skipped
0
access-control-max-age
3000
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
date
Mon, 04 Oct 2021 07:44:20 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
aOWDQukZPfwNlnV4Q11GBSffPOc4l3qoVk8BweKDWLPfxx_aw7H5XA==
pubads_impl_2021092001.js
securepubads.g.doubleclick.net/gpt/ 		336 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120245
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:37:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Oct 2021 12:05:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		123 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=elgoog.im
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4e2a55355f1661738d074c8c465abb7bc3c73f4afa806f093730af9fff41f717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 12:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92
x-xss-protection
0
expires
Mon, 04 Oct 2021 12:05:25 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding
gzip
etag
"7a6ef5412d45e94af6813e18c060355d"
age
21723
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5990
x-amz-id-2
5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by
cache-fra19157-FRA
last-modified
Tue, 06 Jul 2021 14:02:32 GMT
server
AmazonS3
x-timer
S1633349126.197614,VS0,VE0
date
Mon, 04 Oct 2021 12:05:26 GMT
vary
Accept-Encoding
x-amz-request-id
KQE2YD0951MP799B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
156853
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
686a56a4d4902f8ffdf569b35b93fd9227f7fe66133752b12556a14392ffd83d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
utbdQZ5v14OnoTUQd.81IxLPfHveDfBr
content-encoding
gzip
etag
"11f540e55c5b728ecc4eab8bb1cfa0d4"
age
12782
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
707
x-amz-id-2
gMnmbwIrT/YyRrPrFfibnhnNINMUlVNGEibawcAa1BKMM3AfWt+hFOGpF2jHmeULVUF9kTg2hv4=
x-served-by
cache-fra19157-FRA
last-modified
Mon, 13 Sep 2021 10:18:26 GMT
server
AmazonS3
x-timer
S1633349126.197644,VS0,VE0
date
Mon, 04 Oct 2021 12:05:26 GMT
vary
Accept-Encoding
x-amz-request-id
5AF67QCE4SJFAF0F
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
10
x-cache-hits
62059
tfa-eid.20211004-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211004-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecd73f9c322b0583c723569820f877295cdc59bc3e5c33fc8075a74c3cd284d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
QDkfA43QX.UCNRFkCrdWRm.ivESCW5c0
content-encoding
gzip
etag
"a46d0864beb8e0c24c2b6ae5ebd84e8b"
age
8483
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5061
x-amz-id-2
wBdE+9yR/wKwa+ZzC05cvYQosx+Dmrd7D9JaO9at5H6TVEOeMj6qgv6VZrF++rI4/z9pEYi92LM=
x-served-by
cache-fra19157-FRA
last-modified
Mon, 04 Oct 2021 09:41:03 GMT
server
AmazonS3
x-timer
S1633349126.199451,VS0,VE0
date
Mon, 04 Oct 2021 12:05:26 GMT
vary
Accept-Encoding
x-amz-request-id
MM0MY0XAN0VN13ND
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
10
x-cache-hits
37937
sha256.20211004-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211004-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e7e4fb4069e2a9d6923ed70c9cfc1fdd7e5a7b3f2d6634b034be71bb52d404b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
Sz5G_r8._vUyewdWYPYiJvpfCCp507nd
content-encoding
gzip
etag
"15f06578450bab8f48625c0818ee8da4"
age
8361
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
2IN42bvWHOiBcu72p5gtWXgSDDyFQREV0qkT3XZeP4sSmaM1bjqB2/uFM73FA+Jp1hl+7oaEuNk=
x-served-by
cache-fra19157-FRA
last-modified
Mon, 04 Oct 2021 09:41:44 GMT
server
AmazonS3
x-timer
S1633349126.199516,VS0,VE0
date
Mon, 04 Oct 2021 12:05:26 GMT
vary
Accept-Encoding
x-amz-request-id
EW442ZX2K1B7C0JQ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
10
x-cache-hits
36117
userx.20211004-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211004-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce9e3c2164177368198969b7669e4b8aa5a1bdc36f26e31febd0394cef913ec4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
.wDO.vPIJALX8WNWAWENNm6YoeV9bNfj
content-encoding
gzip
etag
"951bd87a071d9de440a1429d105eddd4"
age
8362
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5339
x-amz-id-2
yU/fPeNR22rFTYlh0ceSUJ6+z4Uyu0eiXn/wS71T7XZTfiNkAA2KFhb4r+u7FUNRcZl7Gw8Adcc=
x-served-by
cache-fra19157-FRA
last-modified
Mon, 04 Oct 2021 09:40:46 GMT
server
AmazonS3
x-timer
S1633349126.211359,VS0,VE0
date
Mon, 04 Oct 2021 12:05:26 GMT
vary
Accept-Encoding
x-amz-request-id
EW4FX5GQ8KN40K1N
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
10
x-cache-hits
11685
tbp
15.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
56e92b441d55c79671c12ab64adb742756d8ab8ec92d446f68698c7b1cc36374

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
content-encoding
gzip
access-control-allow-origin
https://elgoog.im
machineid
1448
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19157-FRA
pragma
no-cache
server
nginx
x-timer
S1633349126.231713,VS0,VE31
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
ce3b2c57e013b687788c8b8df59193b0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce3b2c57e013b687788c8b8df59193b0.jpeg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d9a615cb17459d93e24fb633f016613edae2479e955a5ed444266a5e553e802

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 04 Oct 2021 12:05:26 GMT
via
1.1 varnish, 1.1 varnish
age
3581052
edge-cache-tag
600532161463203979912209883517547953369,328465818219459322084426753649357084094,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
31
expiration
expiry-date="Mon, 13 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce3b2c57e013b687788c8b8df59193b0.jpeg
content-length
12342
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Fri, 13 Aug 2021 09:13:41 GMT
server
nginx
x-timer
S1633349126.231779,VS0,VE0
etag
"007a0832e64ae814ca0ab39b15cb5048"
x-served-by
cache-wdc5523-WDC, cache-dca17783-DCA, cache-fra19157-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4
0a139db340e4964d8c4ec3e2e5126223.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0a139db340e4964d8c4ec3e2e5126223.jpg
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be68e1d73fdcca366df22bfcd54fbc03fdccd91fceab80558b1254e629564d20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 04 Oct 2021 12:05:26 GMT
via
1.1 varnish
age
2409728
edge-cache-tag
324964736893162681743743237963414434931,578186325799484233920726124365690226355,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
102
expiration
expiry-date="Mon, 20 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0a139db340e4964d8c4ec3e2e5126223.jpg
content-length
2934
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 20 Aug 2021 08:07:35 GMT
server
nginx
x-timer
S1633349126.237366,VS0,VE1
etag
"a8570ad1626d3686ebf57ae926b689e4"
x-served-by
cache-wdc5576-WDC, cache-fra19157-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront), 1.1 varnish
age
1599328
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-fra19157-FRA
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1633349126.277209,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
Sk-dQ-vXqlkymfouDYO0ROLJleZN_EmWEBrNrUZpeGf8tabSmNbJwg==
x-cache-hits
636770
st
imprammp.taboola.com/ Frame 4C62 		0
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=DC7195B06A40734752271802376&cicmp=1337627&cijs=1&dast=V716UCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHMThLZarCWG2IA12m9FutVgsZ4PRaLTbTJaQMIvFYjSZrYZTMNjC53R3t0ECTafD57rXq8w-v99nV7r9cgAAAAB4ACBqiYbY8W1ojwAAAACQ4Bm5VqAIqPi3ELgAAAAAwAAgEAvXAIDiIICz3-4PAIAHBRAAAAGMEAAocSYRAAAAgBEAAAAAEgCBxMISAIe7RRMAgAC-pRhkpxMAAICDOpmnbZb_____GIC89yYZAIq0jRuDHoAHH4AHIQAAgI8h4X1mgH8AWlqiAtQiRgAAAABOL9AfR5M6obKo-v___7cCuAIACOBbikF-y7o5KWYNAwAAABhboIfF7zc77Bq_22X__________2b_ZwBoQlij12lBJrhSajwj1wprv4AAAGzvBgDwJgAXcwB2AAAAAHf_____eQAAAAF7lGyv1Xj2KOt9Blv4nO7u-k3YYrSaTDbL4Wy5mAyGo-FotD-B3AxwIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDfGg6lw6n1en4sF8XM597cJHhhvORbu5ZDCcaxarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cipid=7991117&ttype=0&cirid=DC7195B06A40734752271802376&cicmp=1337627&cijs=1&dast=V716UCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHMThLZarCWG2IA12m9FutVgsZ4PRaLTbTJaQMIvFYjSZrYZTMNjC53R3t0ECTafD57rXq8w-v99nV7r9cgAAAAB4ACBqiYbY8W1ojwAAAACQ4Bm5VqAIqPi3ELgAAAAAwAAgEAvXAIDiIICz3-4PAIAHBRAAAAGMEAAocSYRAAAAgBEAAAAAEgCBxMISAIe7RRMAgAC-pRhkpxMAAICDOpmnbZb_____GIC89yYZAIq0jRuDHoAHH4AHIQAAgI8h4X1mgH8AWlqiAtQiRgAAAABOL9AfR5M6obKo-v___7cCuAIACOBbikF-y7o5KWYNAwAAABhboIfF7zc77Bq_22X__________2b_ZwBoQlij12lBJrhSajwj1wprv4AAAGzvBgDwJgAXcwB2AAAAAHf_____eQAAAAF7lGyv1Xj2KOt9Blv4nO7u-k3YYrSaTDbL4Wy5mAyGo-FotD-B3AxwIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDfGg6lw6n1en4sF8XM597cJHhhvORbu5ZDCcaxarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://elgoog.im/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 04 Oct 2021 12:05:26 GMT
via
1.1 varnish
x-served-by
cache-fra19157-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1633349126.288484,VS0,VE10
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/28_3_10/infra/ 		727 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
via
1.1 varnish
age
816835
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697428
x-amz-meta-mode
33188
content-encoding
br
content-length
135037
x-amz-id-2
R7UL94kG2HiQAtEkrEYE/heoUZOUgbvAnoVXd8zLt8ugqtk4mWSpT2+K3iCLbMJ+CITE7+FYECcdsLoTWgTwDQ==
x-served-by
cache-fra19157-FRA
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:50 GMT
server
AmazonS3-br
x-timer
S1633349126.288321,VS0,VE0
etag
"37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
MZ1KS47CH46547NH
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
4471
cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/ 		44 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
via
1.1 varnish
age
208015
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697397
x-amz-meta-mode
33188
content-encoding
br
content-length
6493
x-amz-id-2
UqEr3qm5RfjvZkuVYH2+3RE9+L3aOIC/iBmkQutDGLBsmL6fIkf6k7+kTV2NXwwIZSz+HPQRRCk=
x-served-by
cache-fra19157-FRA
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:19 GMT
server
AmazonS3-br
x-timer
S1633349126.288802,VS0,VE0
etag
"083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
XY1S650H2M9RWQYJ
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
17695
PMS.js
vidstat.taboola.com/PMS/2.2.1/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age
2198003
x-amz-meta-mtime
1542789750
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-fra19157-FRA
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1633349126.355792,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
hYmlhwUcMuy_jY0bhHen0eQYADyDybzLMR7x7dl3LWMvtY6DtLOx0A==
x-cache-hits
535927
199853eb-2dc5-4fe6-b835-0afecf4835d2
https://elgoog.im/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://elgoog.im/199853eb-2dc5-4fe6-b835-0afecf4835d2
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
1bd76136-f6ed-4e9c-bc64-bc936ae45af7
https://elgoog.im/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://elgoog.im/1bd76136-f6ed-4e9c-bc64-bc936ae45af7
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
jk3xigqdl5qnuwmrqh0i.mp4
c3.taboola.com/libtrc/static/video/v1628508342/ 		445 KB
445 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://c3.taboola.com/libtrc/static/video/v1628508342/jk3xigqdl5qnuwmrqh0i.mp4
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
940bd81f7332842d83df60672bf51a5712469d47a2d5c6365eb278c4fee93675

Request headers

Referer
https://elgoog.im/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
ixyf6kpB.RhAUGCRAw2tDuwMB946zXT3
via
1.1 varnish
etag
"43177dd1bbcfbf586744137256865cd8"
age
116
x-cache
HIT
Content-Range
bytes 0-455170/455171
x-amz-replication-status
COMPLETED
Content-Length
455171
x-amz-id-2
jMQPFv4LYddy892SRfbY8MVN+B09Hqzfp1Z6GvRGElCNL1Mi9eZZNAiS1mW1wRJgPXXG9WbNBQ4=
x-served-by
cache-fra19157-FRA
last-modified
Mon, 09 Aug 2021 11:26:28 GMT
server
AmazonS3
x-timer
S1633349126.416059,VS0,VE1
date
Mon, 04 Oct 2021 12:05:26 GMT
x-amz-request-id
KPTGG4M3JS916BRW
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
10
x-cache-hits
0
config
c.amazon-adsystem.com/cdn/prod/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
server
Server
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
https://elgoog.im
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
NXUtTnOOfSeDTxb9E22AhjY0cE-Qf162kfJ61uF7b4ZFrGT-wYgGFA==
localstore.js
script.4dex.io/ 		483 B
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
271486
x-amz-request-id
tx4156f9f298ad4ef289067-006156c982
x-amz-id-2
tx4156f9f298ad4ef289067-006156c982
last-modified
Fri, 01 Oct 2021 08:34:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=el8sNZRGu5WpBQodRuGPSwTud5RIGw04YdsNLMpgF1DYrSaeIk7gy22BIjOyNjcI6V2WGTv2AlGD7sVUKkCS8vpTg6HNU4wn6NV6gKlc4txVZ0ycf12%2Fo16qxlHWmvIXse1YJg%2FodyVM1qg9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1633077261838806
cf-ray
698e4749c8815b3e-FRA
adreq
ads.servenobid.com/ 		387 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10379
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c5b54016f463344a05513bff6e67060236d45b996118c029f55d71323289d702

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://elgoog.im
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b642d452689ef88ee91afa58679205a02b1d7d7b122529737ffbe0f96f1054ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:26 GMT
X-Proxy-Origin
78.47.208.31; 78.47.208.31; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
896642a5-068b-4aae-8b68-5d5a37c2f12c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://elgoog.im
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
buysellads-d.openx.net/w/1.0/ 		172 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buysellads-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3b95f339-3fe5-4ad3-884e-f3aeda72a857&nocache=1633349126663&schain=1.0%2C1!buysellads.com%2C12912%2C1%2C%2C%2C&aus=728x90&divids=bsa-zone_1621267367599-4_123456&aucs=&auid=541001000
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
7766a07b0a8bdc8408143717af197651774ad8c840b7765624fd2ce93a96c7e2

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:26 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://elgoog.im
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=58072752963
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://elgoog.im
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-origin
https://elgoog.im
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
698e4749d82d323c-FRA
x-err
Validating the Prebid Request. site disabled for organization, OrganizationId = 1116 and Site name = elgoog-im
expires
0
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://elgoog.im
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&pid=LcnzkD2u5w7S1&cb=0&ws=1600x1200&v=7.69.01&t=600&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8691100%2Felgoog_S2S_728x90_ROS_Pos1%22%7D%5D&schain=1.0%2C1!buysellads.com%2C12912%2C1%2C%2C%2C&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
T23BYGY1MBBCFFWPN0ZE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://elgoog.im
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
cxDU3E1s2vPa37ySBlCW9V1fewR7cLX7z3esN4JDKUjROmgJ7xye1A==
adagio.js
script.4dex.io/ 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7ddf617c63da9bd588428601e0f8ad67395a39a44c1f014577ac0f2bbb5f9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
271451
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx4d23e978ad034b3dabefd-006156c99f
x-amz-id-2
tx4d23e978ad034b3dabefd-006156c99f
last-modified
Fri, 01 Oct 2021 08:34:20 GMT
server
cloudflare
etag
W/"5300a3b1be09eec23740c383b46565be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmgkWhG4q5hvUXlJPvDRE18sYWKnVBbh%2BPbyRhj4HLQjZY0u225PK5O08uLbHjykhFsyKNtyzoM6JN2ecUdKWKXP55ujJbk5H%2BGC88Bi%2FLCdes8lXPB1OKkuZy%2BoiAd34RPtHKJm6QzrJZcU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1633077260231162
cf-ray
698e4749fc5d0eab-FRA
access-control-allow-headers
Authorization
bulk
trc.taboola.com/iploc-elgoog/log/3/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/iploc-elgoog/log/3/bulk?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 04 Oct 2021 12:05:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1633349127.220334,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://elgoog.im
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/iploc-elgoog/log/3/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/iploc-elgoog/log/3/visible?tvi2=-2&route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 04 Oct 2021 12:05:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1633349127.221589,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://elgoog.im
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/iploc-elgoog/log/3/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/iploc-elgoog/log/3/visible?tvi2=-2&route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Mon, 04 Oct 2021 12:05:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1633349127.233316,VS0,VE8
x-served-by
cache-fra19157-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://elgoog.im
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
16023
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by
cache-fra19157-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1633349127.238840,VS0,VE0
date
Mon, 04 Oct 2021 12:05:27 GMT
x-amz-request-id
E8X2YXVA73E9K5Z9
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
10
x-cache-hits
18541
data
mp.4dex.io/ 		26 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/data
Requested by
Host: elgoog.im
URL: https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ed6dc25c0545ce6ad509aec899a13cc81124c187c9905306a05652c266fdc85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://elgoog.im
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
698e474d5c90323c-FRA
content-length
26
expires
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:27 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:28 GMT
server
nginx
etag
W/"6138b194-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Oct 2021 12:05:27 GMT
syncframe
gum.criteo.com/ Frame E4B9 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=elgoog.im
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=elgoog.im
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://elgoog.im/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2118
set-cookie
uid=9bba4c2e-0a94-4f53-b1b2-29b61bfac6fb; expires=Sat, 29 Oct 2022 12:05:27 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Mon, 04 Oct 2021 12:05:26 GMT
content-length
4666
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:27 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:28 GMT
server
nginx
etag
W/"6138b194-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Oct 2021 12:05:27 GMT
sid
mug.criteo.com/ Frame E4B9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=elgoog.im&sn=ChromeSyncframe&so=0&topUrl=elgoog.im&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Pd3Usnw4OTBxS3dQTkI0S042cmlqNFJiRXpObmZ5N1J1UW1PRHpEN1NkSy9ubXFDTkxmL3VjYXI4alBvQ0lHd1hPeVI2aElwWngzWmNWWUFwM2FGSUZZTUJkRmkyQjVIWlFLbVl5YkcyMzdNZnVneStuTWVvOGRBVk95ek...
433 B
622 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Pd3Usnw4OTBxS3dQTkI0S042cmlqNFJiRXpObmZ5N1J1UW1PRHpEN1NkSy9ubXFDTkxmL3VjYXI4alBvQ0lHd1hPeVI2aElwWngzWmNWWUFwM2FGSUZZTUJkRmkyQjVIWlFLbVl5YkcyMzdNZnVneStuTWVvOGRBVk95ekdQVDZ3aGV4c1gydysxYmx1dXJBUVpSZVkwVXlrT3BlZGp5ZHJzSGRBWGlvVHBhVkZjZng4ZEZKVHVOSkhVcis2NFVVWXhKSUp0bUxjUHlJalgwbTZxYVJLUGN3aEdpdU5DZGpLL3hBRW4zaXdHZ3VKNjFoelhvTWNJVkhwQ2ExNzFXK0djRExBWHVzcmpHYUNVSUE1OE9yMkpaUllUUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d3f43ce1876830a4cd376f396bb98a5fe91fbebb1a2ad2d4df92a91f4c82e944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 04 Oct 2021 12:05:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2739
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Oct 2021 12:05:27 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=Pd3Usnw4OTBxS3dQTkI0S042cmlqNFJiRXpObmZ5N1J1UW1PRHpEN1NkSy9ubXFDTkxmL3VjYXI4alBvQ0lHd1hPeVI2aElwWngzWmNWWUFwM2FGSUZZTUJkRmkyQjVIWlFLbVl5YkcyMzdNZnVneStuTWVvOGRBVk95ekdQVDZ3aGV4c1gydysxYmx1dXJBUVpSZVkwVXlrT3BlZGp5ZHJzSGRBWGlvVHBhVkZjZng4ZEZKVHVOSkhVcis2NFVVWXhKSUp0bUxjUHlJalgwbTZxYVJLUGN3aEdpdU5DZGpLL3hBRW4zaXdHZ3VKNjFoelhvTWNJVkhwQ2ExNzFXK0djRExBWHVzcmpHYUNVSUE1OE9yMkpaUllUUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2059
content-length
541
expires
0
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
1720
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19157-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1633349128.197433,VS0,VE0
date
Mon, 04 Oct 2021 12:05:28 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
9866
/
pips.taboola.com/ 		64 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
7108170dc6fc78af2c3494fbbe3a4a044b183488f6546cd0cd7678c129bcc107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:29 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19138-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://elgoog.im
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=0f4b070b-6a6d-43af-b56c-9798d5f07d10-tuct8547385&uad=20d9b019140657974839a0941f59442f675e90021e9a9f029ce5be4d72864c1a
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Oct 2021 12:05:28 GMT
Cache-Control
no-store
Server
nginx
Connection
close
sync.html
public.servenobid.com/ Frame 0281 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61e3f7b4db3e4add72ed02ed34c271590730960cce19f3e9daba9f41f96deefd

Request headers

:method
GET
:authority
public.servenobid.com
:scheme
https
:path
/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://elgoog.im/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Mon, 27 Sep 2021 23:16:04 GMT
accept-ranges
bytes
etag
"0c8fcfed372e8ea547fa4ee21b6dd863"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
imCUg03kuI8SqOcGAlNffU545ZxK2sdG+O1koeHIiNEHZBPZKD6FYtYM4Vxi/VtbLB9eu67ZE34=
x-amz-request-id
7NS98VXG1MC7M6Y8
x-amz-meta-codebuild-content-sha256
01c540629e079d56520b7fa63083e9b37686f2aa5fb33e4aaa63b8fac2ea45d3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:746d692d-bc29-4a9a-a625-c4ec9de0ecdc
x-amz-meta-codebuild-content-md5
11f479d98d48c47263794a1ae04eb1b5
x-azure-ref-originshield
0BbFaYQAAAADtNC3vBW6WRoJYD0KieZu5TE9OMjFFREdFMTUxOAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
0Ce5aYQAAAABUhfonFpvNRJ/iIkm+7RVFRlJBRURHRTEwMTIAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Mon, 04 Oct 2021 12:05:29 GMT
/
onetag-sys.com/usync/ Frame 28D2 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1633349126701
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1633349126701
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://elgoog.im/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 461F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://elgoog.im/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIvahBEAoYASABKAEwhtzrigY4AUABSAEQhtzrigYYAA..; uuid2=7636244950887096625
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 05 Oct 2021 12:05:31 GMT
Date
Mon, 04 Oct 2021 12:05:29 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 8D05 		668 B
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=626fe778-b2ca-415b-a3f6-584fd2ac5ec0&gdpr=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/elgoog.js?1633348800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
38cf1813518828bf4b80fb772af6589774e1d77af49197c6f5c5ebca5bb6c26c

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=626fe778-b2ca-415b-a3f6-584fd2ac5ec0&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://elgoog.im/
accept-encoding
gzip, deflate, br
cookie
i=2bef4d82-d7a7-08ac-3561-546d8ccb681a|1633349126
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=2bef4d82-d7a7-08ac-3561-546d8ccb681a|1633349126; Version=1; Expires=Tue, 04-Oct-2022 12:05:29 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1633349129|gekin0vNiygu; Version=1; Expires=Tue, 19-Oct-2021 12:05:29 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 04 Oct 2021 12:05:29 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
sd
eu-u.openx.net/w/1.0/ Frame 8D05
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=98ab615a-ee09-4900-9231-2ae61daa5d7d
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=98ab615a-ee09-4900-9231-2ae61daa5d7d
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=626fe778-b2ca-415b-a3f6-584fd2ac5ec0&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 04 Oct 2021 12:05:29 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x12 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=98ab615a-ee09-4900-9231-2ae61daa5d7d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Oct 2021 12:05:28 GMT
sd
us-u.openx.net/w/1.0/ Frame 8D05
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rAFtA_9VaFu3VGgA-VR1AKgBYQa3BWhV_lXf6CRi
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rAFtA_9VaFu3VGgA-VR1AKgBYQa3BWhV_lXf6CRi
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=626fe778-b2ca-415b-a3f6-584fd2ac5ec0&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rAFtA_9VaFu3VGgA-VR1AKgBYQa3BWhV_lXf6CRi
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 8D05
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4472295678925414128
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4472295678925414128
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=626fe778-b2ca-415b-a3f6-584fd2ac5ec0&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4472295678925414128
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 8D05 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=f84372db-7e20-375b-6fb7-9c85e8ec5be7&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=626fe778-b2ca-415b-a3f6-584fd2ac5ec0&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8D05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDQyY2ExMTEtYjc1Ny02OWZmLTdhNTctYzYzYzIyMGU5NTg3
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDQyY2ExMTEtYjc1Ny02OWZmLTdhNTctYzYzYzIyMGU5NTg3&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDQyY2ExMTEtYjc1Ny02OWZmLTdhNTctYzYzYzIyMGU5NTg3&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=626fe778-b2ca-415b-a3f6-584fd2ac5ec0&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDQyY2ExMTEtYjc1Ny02OWZmLTdhNTctYzYzYzIyMGU5NTg3&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8D05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOA4nFuMcLKlBNNZ1Q6ZBS0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOA4nFuMcLKlBNNZ1Q6ZBS0&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=626fe778-b2ca-415b-a3f6-584fd2ac5ec0&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOA4nFuMcLKlBNNZ1Q6ZBS0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 461F 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:29 GMT
X-Proxy-Origin
78.47.208.31; 78.47.208.31; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cc00021c-a8e7-43d0-8a8f-3d1c893b5c8e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame ABF9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
03364797acc574946d6ad136c3f7ceaff61a2410013cdfd6331066ca3c4f0b4c

Request headers

:method
GET
:authority
g2.gumgum.com
:scheme
https
:path
/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6; Domain=.gumgum.com; Expires=Tue, 04-Oct-2022 12:05:30 GMT; Path=/; Secure; SameSite=None
etag
W/"01c0909d533bd5d75b0af140afb5e7b35"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame 1F41 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
pixel.33across.com
:scheme
https
:path
/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Mon, 04 Oct 2021 12:05:29 GMT
/
onetag-sys.com/usync/ Frame 13F2 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame F9B8 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.119 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
cbce1728fe22269d982ef93935ed3a20150ac0a5344d061a51942d34e0c1086f

Request headers

Host
ssbsync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://public.servenobid.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Mon, 04 Oct 2021 12:05:29 GMT
content-type
text/html
content-length
1030
set-cookie
pid=6516540702050882901; expires=Fri, 04 Nov 2022 12:04:30 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BDB4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b81f8bf194fe39d8223bc9942253f93c3138e69da8f9d38bb6f39fd6ba8c639d

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://public.servenobid.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVruCjNNqQT.om9yXtFquQAA; CMPS=3175
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|64|190|57|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1571
Expires
Mon, 04 Oct 2021 12:05:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
Connection
keep-alive
Set-Cookie
CMID=YVruCjNNqQT.om9yXtFquQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 04 Oct 2022 12:05:30 GMT CMPS=3175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 02 Jan 2022 12:05:30 GMT CMPRO=1163;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 02 Jan 2022 12:05:30 GMT CMST=YVruCmFa7goA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 05 Oct 2021 12:05:30 GMT CMRUM3=e6615aee0a2760&27615aee0a0b40&c4615aee0a05a0&2d615aee0a05a0&f1615aee0a05a0&39615aee0a05a0&40615aee0a05a0&be615aee0a05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 04 Oct 2022 12:05:30 GMT

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 04 Oct 2021 12:05:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
Connection
keep-alive
Set-Cookie
CMID=YVruCjNNqQT.om9yXtFquQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 04 Oct 2022 12:05:30 GMT CMPS=3175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 02 Jan 2022 12:05:30 GMT
sync
ads.servenobid.com/ Frame 0281
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7636244950887096625
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7636244950887096625
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:29 GMT
X-Proxy-Origin
78.47.208.31; 78.47.208.31; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9a4ff826-2395-4575-afc6-a52dd0807335
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=7636244950887096625
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 0281
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=2656825202f49a56ea5b0251
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=2656825202f49a56ea5b0251
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 04 Oct 2021 12:05:30 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=2656825202f49a56ea5b0251
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 0281
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4818143132
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4818143132
  • https://sync.1rx.io/usersync/tradedesk/a98b6da6-b98c-4ead-8dd1-0c2292689141
  • https://sync.targeting.unrulymedia.com/csync/RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
date
Mon, 04 Oct 2021 12:05:30 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX15302bfbf5b64df7a69a22109fef47ba003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame 0281 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.12.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-12-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame 0281
Redirect Chain
  • https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%7B%24UID%7D
  • https://ads.servenobid.com/sync?pid=328&uid=a88f3182eb10d6802df9adfd5a62ee3c7d29a66a
0
0
sync
ads.servenobid.com/ Frame 0281
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=2159827874216029864
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=2159827874216029864
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=2159827874216029864
Date
Mon, 04 Oct 2021 12:05:30 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 0281 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 0281
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D73f5bc6b-eb14-4b9e-9d6a-82619e389bd7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnV...
  • https://prebid.a-mo.net/cchain/0?A=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid=7...
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D73f5bc6b-eb14-4b9e-9d6a-82619e389bd7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3J...
  • https://prebid.a-mo.net/cchain/1?A=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&bidder=sovrn&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0=&gdpr=0&gdpr_consent=&us_privacy=1---&uid=265682...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D73f5bc6b-eb14-4b9e-9d6a-82619e389bd7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2...
  • https://prebid.a-mo.net/cchain/2?A=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid=...
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D73f5bc6b-eb14-4b9e-9d6a-82619e389bd7%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZ...
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D73f5bc6b-eb14-4b9e-9d6a-82619e389bd7%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmV...
  • https://prebid.a-mo.net/cchain/3?A=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&bidder=pubmatic&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid=
  • https://ads.servenobid.com/sync?pid=327&uid=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&gdpr=0&gdpr_consent=&us_privacy=1---
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=73f5bc6b-eb14-4b9e-9d6a-82619e389bd7&gdpr=0&gdpr_consent=&us_privacy=1---
date
Mon, 04 Oct 2021 12:05:30 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 0281
Redirect Chain
  • https://t.adx.opera.com/pub/sync?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D335%26uid%3D
  • https://ads.servenobid.com/sync?operaUid=82f89005d2694e238057aa336a94849f&pid=335&uid=
0
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?operaUid=82f89005d2694e238057aa336a94849f&pid=335&uid=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
server
Tengine
access-control-allow-origin
*
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
location
https://ads.servenobid.com/sync?operaUid=82f89005d2694e238057aa336a94849f&pid=335&uid=
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
117
expires
Mon, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7636244950887096625
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7636244950887096625
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
X-Proxy-Origin
78.47.208.31; 78.47.208.31; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d03416ae-cd02-4ccd-b3a8-d7d0c9cbdd0a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7636244950887096625
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=7de9e299-44e6-5315-af32-fc1ace681210&ssp=gumgum2&expires=30&user_group=1
  • https://rtb.gumgum.com/usersync?b=bsw&i=5d5a9be0-04fc-4637-a05a-89429c9c70b0
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=5d5a9be0-04fc-4637-a05a-89429c9c70b0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=5d5a9be0-04fc-4637-a05a-89429c9c70b0
date
Mon, 04 Oct 2021 12:05:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-1b56997d-3c79-4406-6065-274e8c14ee0d$ip$78.47.208.31
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-1b56997d-3c79-4406-6065-274e8c14ee0d$ip$78.47.208.31
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-1b56997d-3c79-4406-6065-274e8c14ee0d$ip$78.47.208.31
Date
Mon, 04 Oct 2021 12:05:30 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=B2FjY4a1ufj4aiLpZNdX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2QRSIZVFSNDBGF2WM2RUMFUUY4C2JZSFQJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=B2FjY4a1ufj4aiLpZNdX&us_privacy=1---
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=B2FjY4a1ufj4aiLpZNdX&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=B2FjY4a1ufj4aiLpZNdX&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003&rndcb=6207850254
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003&rndcb=6207850254
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5d5a9be0-04fc-4637-a05a-89429c9c70b0&google_hm=NWQ1YTliZTAtMDRmYy00NjM3LWEwNWEtODk0MjljOWM3...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJ6P4Gr0JZD1wRBgHjFqgys&google_cver=1&ssp=adconductor&bsw_param=5d5a9be0-04fc-4637-a05a-89429c9c70b0
  • https://sync.1rx.io/usersync/bidswitch/5d5a9be0-04fc-4637-a05a-89429c9c70b0?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
date
Mon, 04 Oct 2021 12:05:30 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX15302bfbf5b64df7a69a22109fef47ba003
content-type
text/html
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=mYUIcMDzllal&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=mYUIcMDzllal&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=mYUIcMDzllal&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-687fd8448f-l8gkz
expires
-1
cookie-sync
sync.outbrain.com/ Frame ABF9
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28qkfJwIw5jjZSaDKsw25_cX9yGQJ3BsyXDt_TeiyudfZcafls-_lGntIMuTLtD1xF%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6&obuid=ENC(qkfJwIw5jjZSaDKsw25_cX9yGQJ3BsyXDt_TeiyudfZcafls-_lGntIMuTLtD1xF)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=qkfJwIw5jjZSaDKsw25_cX9yGQJ3BsyXDt_TeiyudfZcafls-_lGntIMuTLtD1xF
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=outbrain
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4472295678925414128&ssp=outbrain
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=5d5a9be0-04fc-4637-a05a-89429c9c70b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=5d5a9be0-04fc-4637-a05a-89429c9c70b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 12:05:31 GMT
Cache-Control
no-cache
X-TraceId
1f1d003f451d5ce1592abd0d0336911
Content-Length
0

Redirect headers

location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=5d5a9be0-04fc-4637-a05a-89429c9c70b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date
Mon, 04 Oct 2021 12:05:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=0f7ed6ab-5635-0f0d-08cc-8c6820bc5aa1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=0f7ed6ab-5635-0f0d-08cc-8c6820bc5aa1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=0f7ed6ab-5635-0f0d-08cc-8c6820bc5aa1
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-s0livxJE2pcUb3OaU0xItlii7vYn1ypTyqCM~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-s0livxJE2pcUb3OaU0xItlii7vYn1ypTyqCM~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 04 Oct 2021 12:05:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-s0livxJE2pcUb3OaU0xItlii7vYn1ypTyqCM~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=5ea5ba38-250b-11ec-89be-9dff15d95565
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=5ea5ba38-250b-11ec-89be-9dff15d95565
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=5ea5ba38-250b-11ec-89be-9dff15d95565
Date
Mon, 04 Oct 2021 12:05:29 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
5ea5ba39-250b-11ec-89be-9dff15d95565
services
sync.technoratimedia.com/ Frame ABF9 		0
0
142
match.deepintent.com/usersync/ Frame ABF9 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=e93e3927-917b-485c-aabe-c51779ece454
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=e93e3927-917b-485c-aabe-c51779ece454
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=e93e3927-917b-485c-aabe-c51779ece454
date
Mon, 04 Oct 2021 12:05:30 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame ABF9
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=6516540702050882901&gdpr=1&gdpr_consent=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=6516540702050882901&gdpr=1&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=6516540702050882901&gdpr=1&gdpr_consent=
date
Mon, 04 Oct 2021 12:05:30 GMT
content-length
0
sync
ads.servenobid.com/ Frame ABF9 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7363 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=80917
expires
Tue, 05 Oct 2021 10:34:07 GMT
date
Mon, 04 Oct 2021 12:05:30 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 0DA4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=a98b6da6-b98c-4ead-8dd1-0c2292689141&t=1635941130
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=a98b6da6-b98c-4ead-8dd1-0c2292689141&t=1635941130
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=a98b6da6-b98c-4ead-8dd1-0c2292689141&t=1635941130
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
vst=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=a98b6da6-b98c-4ead-8dd1-0c2292689141&t=1635941130
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=a98b6da6-b98c-4ead-8dd1-0c2292689141; domain=.adsrvr.org; expires=Tue, 04-Oct-2022 12:05:30 GMT; path=/; secure; SameSite=None TDCPM=CAEYASABKAIyCwiS_9zbv86DOhAFOAFaBmd1bWd1bWAC; domain=.adsrvr.org; expires=Tue, 04-Oct-2022 12:05:30 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame CEF1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://g2.gumgum.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"4001a-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Oct 2021 12:05:30 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Mon, 04 Oct 2021 12:05:30 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame 705A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=98ab615a-ee09-4900-9231-2ae61daa5d7d&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=98ab615a-ee09-4900-9231-2ae61daa5d7d&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=98ab615a-ee09-4900-9231-2ae61daa5d7d&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
vst=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 04 Oct 2021 12:05:30 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3984 0e3af3b master cdg-pixel-x30 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=98ab615a-ee09-4900-9231-2ae61daa5d7d&gdpr=0&gdpr_consent=
Expires
Mon, 04 Oct 2021 12:05:29 GMT
usersync
rtb.gumgum.com/ Frame FBA3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YVruCgAAAd6SUAAR
  • https://rtb.gumgum.com/usersync?b=atm&i=YVruCgAAAd6SUAAR&gdpr=0&gdpr_consent=&_test=YVruCgAAAd6SUAAR
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YVruCgAAAd6SUAAR&gdpr=0&gdpr_consent=&_test=YVruCgAAAd6SUAAR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YVruCgAAAd6SUAAR&gdpr=0&gdpr_consent=&_test=YVruCgAAAd6SUAAR
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
vst=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YVruCgAAAd6SUAAR&gdpr=0&gdpr_consent=&_test=YVruCgAAAd6SUAAR
accept-ranges
bytes
date
Mon, 04 Oct 2021 12:05:30 GMT
via
1.1 varnish
x-served-by
cache-fra19132-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1633349130.196137,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9F2F 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYzg2MmM1Yy04MzA0LTRjMDYtYWQ0Ny1iZjhiMGM3N2I5ZTY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYzg2MmM1Yy04MzA0LTRjMDYtYWQ0Ny1iZjhiMGM3N2I5ZTY=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Mon, 04 Oct 2021 12:05:30 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ssc-cms.33across.com/ps/ Frame 0FD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Mon, 04 Oct 2021 12:05:29 GMT
um
cs.emxdgt.com/ Frame 5D9E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Mon, 04 Oct 2021 12:05:29 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 6BC9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YVruCsCo5tAAAN6prj8AAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YVruCsCo5tAAAN6prj8AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YVruCsCo5tAAAN6prj8AAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
vst=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 04 Oct 2021 12:05:30 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YVruCsCo5tAAAN6prj8AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
1
X-SO-HostName
m-ad208.dc4p.scaleout.jp
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":6,"gdpr":true,"ipv4":"0.0.0.0","key":"YVruCsCo5tAAAN6prj8AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad208"}
X-SO-Key
YVruCsCo5tAAAN6prj8AAAAA
X-SO-IP
78.47.208.31
X-SO-Cluster-ID
6
X-SO-Upstream-ID
m-ad208
usersync
rtb.gumgum.com/ Frame 302D
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=2159827874216029864
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=2159827874216029864
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=2159827874216029864
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
vst=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 04 Oct 2021 12:05:30 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzEyNDMwsrQwMxHiM9R1LY0sdHF2S4oySE2W4jU0MzY2NrE0NDYwMDAHAHLjNns0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 29 Oct 2022 12:05:30 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmxsbGJpaGxgYG54ShyZb2AOAMRTUiEgAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 29 Oct 2022 12:05:30 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzEyNDMwsrQwMxHiM9R1LY0sdHF2S4oySE0GAKySqTklAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=2159827874216029864
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 9749
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=8ZFBKdSMMjz3VHr2Hfkr&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=8ZFBKdSMMjz3VHr2Hfkr&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=8ZFBKdSMMjz3VHr2Hfkr&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
vst=e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 04 Oct 2021 12:05:30 GMT Mon, 04 Oct 2021 12:05:30 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=8ZFBKdSMMjz3VHr2Hfkr&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
sync
ads.servenobid.com/ Frame F9B8 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6516540702050882901&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame F9B8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D86%26buid%3D$UID&gdpr=0&gdpr_consent=
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7636244950887096625&gdpr=0&gdpr_consent=
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7636244950887096625&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.119 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:29 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
X-Proxy-Origin
78.47.208.31; 78.47.208.31; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
851a602a-ce7e-4957-b5cd-92799556aa86
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7636244950887096625&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame F9B8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=64&redir=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D68%26...
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=68&partneruserid=no-consent
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=68&partneruserid=no-consent
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.119 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:29 GMT
content-length
1030
content-type
text/html

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=68&partneruserid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
ssbsync.smartadserver.com/api/ Frame F9B8
Redirect Chain
  • https://sync.mathtag.com/sync/img?gdpr=0&gdpr_consent=&mt_exid=39&redir=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D25%26partnerus...
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=25&partneruserid=98ab615a-ee09-4900-9231-2ae61daa5d7d
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=25&partneruserid=98ab615a-ee09-4900-9231-2ae61daa5d7d
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.119 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:29 GMT
content-length
1030
content-type
text/html

Redirect headers

Date
Mon, 04 Oct 2021 12:05:30 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=25&partneruserid=98ab615a-ee09-4900-9231-2ae61daa5d7d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Oct 2021 12:05:29 GMT
sync
ssbsync.smartadserver.com/api/ Frame F9B8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?gdpr=0&gdpr_consent=&party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26b...
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=4472295678925414128&gdpr=0&gdpr_consent=
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=4472295678925414128&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.119 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:29 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
server
nginx
location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=4472295678925414128&gdpr=0&gdpr_consent=
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
casale
match.adsrvr.org/track/cmf/ Frame BDB4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame BDB4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVruCjNNqQT-om9yXtFquQAABIsAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECFyw_OOk_1hO8XAM8NFJOA&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECFyw_OOk_1hO8XAM8NFJOA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 04 Oct 2021 12:05:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECFyw_OOk_1hO8XAM8NFJOA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BDB4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVruCjNNqQT.om9yXtFquQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJLqDi1OVNGxNbAZrw4rErY&google_cver=1&gdpr=1&google_hm=2
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJLqDi1OVNGxNbAZrw4rErY&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Oct 2021 12:05:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJLqDi1OVNGxNbAZrw4rErY&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame BDB4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVruCjNNqQT-om9yXtFquQAABIsAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVruCjNNqQT-om9yXtFquQAABIsAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVruCjNNqQT-om9yXtFquQAABIsAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SGPH9VCRPMDJ4YK69M3M
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6J5E9SSGMG25NVNXV8M1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVruCjNNqQT-om9yXtFquQAABIsAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BDB4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635941130
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635941130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Oct 2021 12:05:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:29 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635941130
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
getuid
ib.adnxs.com/ Frame BDB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame BDB4
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827874216029864
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827874216029864
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Oct 2021 12:05:30 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827874216029864
Date
Mon, 04 Oct 2021 12:05:30 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.php
gu.dyntrk.com/adx/ie/ Frame BDB4 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.160.160 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3198892.ip-135-125-160.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
sync
ads.servenobid.com/ Frame BDB4 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YVruCjNNqQT-om9yXtFquQAABIsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 7363 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66441916&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame CEF1 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 12:05:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13607
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Mon, 04 Oct 2021 15:52:17 GMT
khaos.jpg
token.rubiconproject.com/ Frame CEF1 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/assets/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-170.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Mon, 04 Oct 2021 12:05:30 GMT
x-host
s7.addthis.com
content-length
116325
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=33464
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5adc4100e40b3cfe/ 		2 KB
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5adc4100e40b3cfe/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34a74a36d62cecaa04cb75c0f8ad5f892a6e878356a70c88d4667a6560ed25f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 12:05:30 GMT
content-encoding
gzip
etag
749136666--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=55, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
626
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=615aee0ab22eb0ab&bkl=0&bl=1&pdt=5199&sid=615aee0ab22eb0ab&pub=ra-5adc4100e40b3cfe&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=elgoog.im&fp=search%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1633349130845&jsl=1&uvs=615aee0a3f9a492c000&skipb=1&callback=addthis.cbs.jsonp__85873131222601120
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
720df51565b5a07dbe47fde330289a13af6c8745414c7581e0036734b507fdc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 12:05:31 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 99CF 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 97A9 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-170.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://elgoog.im/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Mon, 04 Oct 2021 12:05:30 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
async_usersync
ib.adnxs.com/ Frame 461F 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 12:05:30 GMT
X-Proxy-Origin
78.47.208.31; 78.47.208.31; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4de82cce-6b03-439e-be2f-fb201a5cbfe2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-170.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 04 Oct 2021 12:05:30 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-170.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://elgoog.im/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=Google+Search
last-modified
Mon, 04 Oct 2021 12:00:00 GMT
server
nginx/1.15.8
date
Mon, 04 Oct 2021 12:05:31 GMT
content-type
application/json
access-control-allow-origin
https://elgoog.im
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
shares.json
api-public.addthis.com/url/ 		33 B
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&callback=_ate.cbs.rcb_hr2e0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-170.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
e274bff6ba71a117a1b45a36f1efae453f0ad8f55c8d82477ace5ab4875a6c39
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=google+search
last-modified
Mon, 04 Oct 2021 12:05:31 GMT
server
nginx/1.15.8
date
Mon, 04 Oct 2021 12:05:31 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
shares.json
api-public.addthis.com/url/ 		33 B
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Felgoog.im%2Fsearch%2F%3Fct%3Dgoogle-in-1998%26q%3Ddrugs%26num%3D10%26sa%3DGoogle%2BSearch&callback=_ate.cbs.rcb_bwm00
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-170.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
891b940f9e3c7cee023bbb270c49897c6f859a88c4278440c36a787b4158a8d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
elgoog.im/search/?ct=google-in-1998&q=drugs&num=10&sa=google+search
last-modified
Mon, 04 Oct 2021 12:05:31 GMT
server
nginx/1.15.8
date
Mon, 04 Oct 2021 12:05:31 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=328&uid=a88f3182eb10d6802df9adfd5a62ee3c7d29a66a
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster object| _taboola function| $ function| jQuery function| closeMenu function| showMenu function| addLoadEvent function| ga object| linksObj object| bsa_optimize function| mirrorClick function| animateInit function| animateNext object| TRC object| _tblConsole undefined| msg object| _comscore object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gaDevIds function| udm_ object| ns_p object| COMSCORE function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| bsagpt object| bsaaps object| bsaheaderbid object| googletag object| apstag function| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| optimize object| bsas2s boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| placementData object| _tfa object| cmTag undefined| define function| startCMTagMain function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| Criteo object| sas object| apntag object| _ADAGIO object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113 function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto

70 Cookies

Domain/Path Name / Value
.elgoog.im/ Name: _ga
Value: GA1.2.813070873.1633349126
.elgoog.im/ Name: _gid
Value: GA1.2.627465066.1633349126
.elgoog.im/ Name: _gat
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1D3DDLSJHETPT3F5OEZG5Rg1633349126
elgoog.im/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D0f4b070b-6a6d-43af-b56c-9798d5f07d10-tuct8547385
.openx.net/ Name: i
Value: 2bef4d82-d7a7-08ac-3561-546d8ccb681a|1633349126
.adnxs.com/ Name: icu
Value: ChgIvahBEAoYASABKAEwhtzrigY4AUABSAEQhtzrigYYAA..
.adnxs.com/ Name: uuid2
Value: 7636244950887096625
.criteo.com/ Name: uid
Value: 9bba4c2e-0a94-4f53-b1b2-29b61bfac6fb
.elgoog.im/ Name: cto_bundle
Value: vGNOS19MSlg0NSUyRjhIJTJGa2xlRVBvRUc5RG9HNHk5bW9Ld1hDWUUlMkZjNWJodzBHSlpTSUp0MUlPa2xlcCUyQlZyMmtjWEQ2UjBoVDhMSXZyV3ljcjdYZVZKRHlyeVVjNmF2QzVQcGJJWThmN2tpVE84c0lhNkxUb3VxYk1JS292VVl6aWphQzVOQ3huemtHZHNFYjJyMHRmZXVRNFFxZyUzRCUzRA
.openx.net/ Name: pd
Value: v2|1633349129|gekin0vNiygu
.quantserve.com/ Name: d
Value: EJ0BDAGzJIqsMA
.quantserve.com/ Name: mc
Value: 615aee09-d0bcd-b219d-507de
.mathtag.com/ Name: uuid
Value: 98ab615a-ee09-4900-9231-2ae61daa5d7d
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4472295678925414128
.servenobid.com/ Name: pid_312
Value: 7636244950887096625
.lijit.com/ Name: ljt_reader
Value: 2656825202f49a56ea5b0251
.adsrvr.org/ Name: TDID
Value: a98b6da6-b98c-4ead-8dd1-0c2292689141
.servenobid.com/ Name: pid_335
Value: 82f89005d2694e238057aa336a94849f
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzEyNDMwsrQwMxHiM9R1LY0sdHF2S4oySE2W4jU0MzY2NrE0NDYwMDAHAHLjNns0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzEyNDMwsrQwMxHiM9R1LY0sdHF2S4oySE0GAKySqTklAAAA
.casalemedia.com/ Name: CMID
Value: YVruCjNNqQT.om9yXtFquQAA
.casalemedia.com/ Name: CMPS
Value: 3175
.gumgum.com/ Name: vst
Value: e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6
.smartadserver.com/ Name: pid
Value: 6516540702050882901
.casalemedia.com/ Name: CMPRO
Value: 1163
.casalemedia.com/ Name: CMST
Value: YVruCmFa7goA
.servenobid.com/ Name: pid_324
Value: 2159827874216029864
.bidswitch.net/ Name: c
Value: 1633349130
.bidswitch.net/ Name: tuuid_lu
Value: 1633349130
.bidswitch.net/ Name: tuuid
Value: 5d5a9be0-04fc-4637-a05a-89429c9c70b0
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwiS_9zbv86DOhAFOAFaBmd1bWd1bWAC
.servenobid.com/ Name: pid_317
Value: 6516540702050882901
.servenobid.com/ Name: pid_309
Value: e_ac862c5c-8304-4c06-ad47-bf8b0c77b9e6
.servenobid.com/ Name: pid_333
Value: YVruCjNNqQT-om9yXtFquQAABIsAAAAB
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmxsbGJpaGxgYGlwShyZb2AOAGRILBEgAAAA
.ads.pubmatic.com/ Name: KCCH
Value: YES
.creativecdn.com/ Name: u
Value: 8ZFBKdSMMjz3VHr2Hfkr
.creativecdn.com/ Name: ts
Value: 1633349130
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003%22%7D
.servenobid.com/ Name: pid_310
Value: 2656825202f49a56ea5b0251
.doubleclick.net/ Name: IDE
Value: AHWqTUnFm5IKMPF5R5QK3rE565puqeaFwO0qKUS_vk15cI0zA1mKMgCvab1eXv7usMs
.servenobid.com/ Name: pid_321
Value: RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003
.yahoo.com/ Name: A3
Value: d=AQABBAruWmECEDbkPs4oF6fQR5Udim4Gcqc&S=AQAAApsZ8Dx9nJpqDXgeEjYG4PM
.360yield.com/ Name: tuuid
Value: e93e3927-917b-485c-aabe-c51779ece454
.360yield.com/ Name: tuuid_lu
Value: 1633349130
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-15302bfb-f5b6-4df7-a69a-22109fef47ba-003%22%2C%22nxtrdr%22%3Afalse%7D
.a-mo.net/ Name: amuid2
Value: 73f5bc6b-eb14-4b9e-9d6a-82619e389bd7
.casalemedia.com/ Name: CMRUM3
Value: 2d615aee0a05a0&e6615aee0a2760&27615aee0a0b40&c4615aee0a05a0&39615aee0a27602159827874216029864&be615aee0a05a0&40615aee0a2760no-consent&f1615aee0a05a0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YVruCgAAAd6SUAAR
.admanmedia.com/ Name: admtr
Value: a88f3182eb10d6802df9adfd5a62ee3c7d29a66a
.postrelease.com/ Name: opt_out
Value: 1
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 572cd1599aa14097
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 7de9e299-44e6-5315-af32-fc1ace681210
.betweendigital.com/ Name: ss
Value: 1
.zemanta.com/ Name: zuid
Value: B2FjY4a1ufj4aiLpZNdX
.outbrain.com/ Name: obuid
Value: 708e71f5-85c1-404c-bb8d-256bc096155d
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1b56997d-3c79-4406-6065-274e8c14ee0d.apX2KbKlObMAanyZPeDtysuXalxDVRt27qEDSYwgMRQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-1b56997d-3c79-4406-6065-274e8c14ee0d%24ip%2478.47.208.31.EeU3Z53pKVffqHe4V7lh335MKmkhL00tpsIYw1ELm70
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.ipredictive.com/ Name: cu
Value: 5ea5ba38-250b-11ec-89be-9dff15d95565|1633349130443
.betweendigital.com/ Name: ut
Value: YVruCgAHCMizq0es0Cu6SNAxw2y92o1d-s4tgA==
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
.pubmatic.com/ Name: KADUSERCOOKIE
Value: DA7FEB1C-74DB-4D5B-B51A-D261226CD913
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.servenobid.com/ Name: pid_327
Value: 73f5bc6b-eb14-4b9e-9d6a-82619e389bd7

1 Console Messages

Source Level URL
Text
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
acdn.adnxs.com
ad.360yield.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
api-public.addthis.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
buysellads-d.openx.net
c.amazon-adsystem.com
c1.adform.net
c3.taboola.com
cdn.elgoog.im
cdn.jsdelivr.net
cdn.taboola.com
cdn4.buysellads.net
cds.taboola.com
cm.g.doubleclick.net
creativecdn.com
cs.emxdgt.com
dsum-sec.casalemedia.com
elgoog.im
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gu.dyntrk.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
jadserve.postrelease.com
m.addthis.com
match.adsrvr.org
match.deepintent.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.33across.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public.servenobid.com
rtb.gumgum.com
s.amazon-adsystem.com
s7.addthis.com
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
trc.taboola.com
us-u.openx.net
v1.addthisedge.com
vidstat.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
z.moatads.com
ads.servenobid.com
s7.addthis.com
sync.technoratimedia.com
104.111.215.191
13.224.186.4
13.225.87.63
135.125.160.160
141.226.224.32
142.250.185.194
142.250.186.162
147.75.38.124
151.101.194.49
151.101.65.44
169.197.150.8
178.162.133.149
178.250.2.131
178.250.2.146
18.195.155.181
18.213.12.146
185.184.8.65
185.29.134.248
185.64.189.110
185.64.190.78
185.86.138.119
193.0.160.128
198.148.27.140
2.18.232.130
2.18.232.170
2.18.233.180
2.18.234.21
2.18.235.40
202.241.208.53
209.54.177.54
213.19.147.44
23.37.42.132
2606:4700:20::681a:9a9
2606:4700:3037::6815:4aae
2606:4700::6810:5614
2606:4700::6812:372
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:46::44
2a00:1288:110:c305::8000
2a00:1450:4001:800::200a
2a00:1450:4001:808::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9c
2a02:2638:1::3
2a02:2638::1c
2a04:4e42:600::300
3.69.77.40
34.204.22.100
35.244.159.8
37.157.4.29
37.252.172.123
37.252.173.62
51.38.120.206
52.18.52.16
52.58.206.142
54.159.94.231
54.246.172.223
64.202.112.191
66.155.71.149
67.202.105.22
69.173.144.139
72.251.249.9
76.223.111.131
76.223.126.88
82.145.213.8
94.31.29.32
96.46.186.57
03364797acc574946d6ad136c3f7ceaff61a2410013cdfd6331066ca3c4f0b4c
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b825de47aba3c06f0193a05591ef370ba361c9080952cb7e9be1963cede860
09a26dbb3f93206de4b417ffa51364fe0c6b8fbf30fe88578abe88683f9d118f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
1596a6a93efa761021728a9a9bcfaf993547696023ed0b28042bae0fa10cf1b9
1942220c39ba3ba7d5c78e1630b26733e1dd36266ed776b37d4b26378c6fa776
1b0519f1cc6c4af010b701cbeef89c88c8f0870bd21c483a313644067796e9fe
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f871adc17c31230ef87ade94971fcb56a5b611fee9edf6de533535a4512c15d
1fb42911cd8d9456b16ce8a0cb8bb8d11a2a0dac26d7c64c36146f1fff6b226e
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e
2e7e4fb4069e2a9d6923ed70c9cfc1fdd7e5a7b3f2d6634b034be71bb52d404b
34a74a36d62cecaa04cb75c0f8ad5f892a6e878356a70c88d4667a6560ed25f8
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
383e2e78b469b28d9c6d0aaf59e5e0572019748b9e5c75a856efcfba87ed573f
38cf1813518828bf4b80fb772af6589774e1d77af49197c6f5c5ebca5bb6c26c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f78458058ad1c379c6fbd9d5a407e2d1f0249046b195a6ec1427f7587379f51
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2a55355f1661738d074c8c465abb7bc3c73f4afa806f093730af9fff41f717
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
556d7e04634efda779d9deaab33a5f47614b9901fc5e04a1e4ae88b537a84b2c
56e92b441d55c79671c12ab64adb742756d8ab8ec92d446f68698c7b1cc36374
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
5d9a615cb17459d93e24fb633f016613edae2479e955a5ed444266a5e553e802
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61e3f7b4db3e4add72ed02ed34c271590730960cce19f3e9daba9f41f96deefd
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
637035a23644b455b1f1f68986bd19db7b5693e0613527602b3073106d361d5c
63f6942125ba71554329b49bcaa6880a14753cd6dbf0c965f191fa24c7276128
65f0c185cf8b3a7c520d557112d9e8ae32ec8875a3d4de31eaac83b411a301b5
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
686a56a4d4902f8ffdf569b35b93fd9227f7fe66133752b12556a14392ffd83d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ed6dc25c0545ce6ad509aec899a13cc81124c187c9905306a05652c266fdc85
7108170dc6fc78af2c3494fbbe3a4a044b183488f6546cd0cd7678c129bcc107
720df51565b5a07dbe47fde330289a13af6c8745414c7581e0036734b507fdc0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7766a07b0a8bdc8408143717af197651774ad8c840b7765624fd2ce93a96c7e2
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d7ddf617c63da9bd588428601e0f8ad67395a39a44c1f014577ac0f2bbb5f9c
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83e3bff4dcaa29f460fc8e9a74624323e8432c669498dd864d71cf790178c724
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
886543377b40a38e7042995816455bfa97a7cb870c73898e58e56cef9727a816
891b940f9e3c7cee023bbb270c49897c6f859a88c4278440c36a787b4158a8d7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f66e9ea3490dbf0cbfdb927d0e6fabcbe7a7ae7d9d2edc037863acfd0e3c555
9322135fa5f95c6de37d32ba5994c36161a034c936f23ab48772946d28e83790
940bd81f7332842d83df60672bf51a5712469d47a2d5c6365eb278c4fee93675
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
9b4cba453d787dc3db40d32cdff6d14dec5b34bf969f5a2b96873c4fd7cd5601
9ff31f9b277062c2bffd781a2343ae0ee0b7e1e69bc5f91297e6bd991fc6bb27
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
acf14e0a13c96e5c7c99efd6422b00c9359431ad7de82a1ef6fcb6e87c5815f2
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b642d452689ef88ee91afa58679205a02b1d7d7b122529737ffbe0f96f1054ee
b81f8bf194fe39d8223bc9942253f93c3138e69da8f9d38bb6f39fd6ba8c639d
bace19bcfef91a5fe04b1a7e80594b4fa17b31a7c44b3b827dceb83c9cbf60da
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
be68e1d73fdcca366df22bfcd54fbc03fdccd91fceab80558b1254e629564d20
bf379abafd24c9a794e884287fba6ee4de1ec2350ac3f9dae9adb84750a8cd68
c1c5c4652853e94c755f5306c8a3256b6791e58515b8f76a0432d86f4dc44a46
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c32c4fb54b4ffa3b369c52caac50ce16daa38ea8876f51e0e81a0bdef9cf0b8d
c5b54016f463344a05513bff6e67060236d45b996118c029f55d71323289d702
cb0587cabae102e498ef4a2d70669bdab0408be646988f88aa3f324e6b501cd3
cbbd733dbb554ef0ec3db903b2e1ba4d6ceff69b6882236fd422f94460b2ffb6
cbce1728fe22269d982ef93935ed3a20150ac0a5344d061a51942d34e0c1086f
ce9e3c2164177368198969b7669e4b8aa5a1bdc36f26e31febd0394cef913ec4
d334796ed24f1592e5514975e6ae4a0b32ba830f7de8ac19b8666e0ffb61106b
d361c665fed501be2411be1cf3194aad870e7dbc9139022031ae2711a9a5f777
d3f43ce1876830a4cd376f396bb98a5fe91fbebb1a2ad2d4df92a91f4c82e944
d951008c7bfe2d0ccaf05508b5e7515a0b918d24fd6d962d226b8508a4647a92
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e274bff6ba71a117a1b45a36f1efae453f0ad8f55c8d82477ace5ab4875a6c39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
ecd73f9c322b0583c723569820f877295cdc59bc3e5c33fc8075a74c3cd284d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24a0c6e4ba86eb57c55dfbf3ba39cf97114fccc38760f33c21975a23e6750f8
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62